Symbiosis: Update dns.rb to make default dmarc policy safer

Imported from https://www.github.com/BytemarkHosting/symbiosis/issues/130

The current dmarc policy is dangerous, in that it says to quarantine 100% of unaligned email from the main domain (but oddly not subdomains). This policy is much safer for an initial dmarc policy, as recommended for example, by Google at https://support.google.com/a/answer/2466563?hl=en&ref_topic=2759254

Edited Apr 17, 2019 by Paul Cammish

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information