I was looking into getalby.com domain MX records using https://mxtoolbox.com (very good tool to configure properly your email server) and I found these rules used for anti-spam and anti-phishing rules:

DMARC actual

v=DMARC1; p=none; rua=mailto:b02f99b6d44a47f595397b4b8fc195fd@dmarc-reports.cloudflare.net

I would put a stronger DMARC with:

v=DMARC1;p=reject;sp=quarantine;pct=10;rua=mailto:b02f99b6d44a47f595397b4b8fc195fd@dmarc-reports.cloudflare.net;ri=86400;aspf=r;adkim=r;fo=1;

SPF

v=spf1 include:zoho.eu include:spf.ourmailsender.com include:spf.mandrillapp.com ~all

I would change ~all into -all

In this way, in case of a phishing attack, the recipients email servers can reject more easily those phishing (fake) emails.