Email receivers may decide to override the policy that you have specified in your DMARC record. For example, you have set a policy of reject (p=reject) for your domain and the email you have send goes through a mailing-list which breaks both SPF and DKIM. In this case DMARC will fail, however the receiver may decide to override your policy and accept the email. Some of the common DMARC override scenarios are mentioned below:

forwarded emails: Message was relayed via a known forwarder or local examining identified the message as likely having been forwarded. There is no expectation that authentication should pass.

local policy: The Mail Receiver’s local policy exempted the message from being subjected to the Domain Owner’s requested policy action. Means they are not checking your DMARC authentication and have exempted your domain at their gateway.

mailing list: Local examining determined that the message arrived via a mailing list and thus authentication of the original message was not expected to pass.

sampled out: Message was exempted from application of policy by the ‘pct’ setting in the DMARC policy record. Means you have set the policy quarantine (p=quarantine) and having pct=50%, in this scenario 50% mails will be delivered to the user’s inbox.

trusted forwarder: Message authentication failure was anticipated by other evidence linking the message to a locally-maintained list of known and trusted forwarders.