As others have mentioned, this is not how DMARC works.
But I'd like to add to this that this is also not how 'adkim' works. It won't protect you from this particular attack.
adkim=s adds a strict alignment requirement for DKIM, meaning that the DKIM signature is not to be considered aligned unless the domain matches up to the subdomain level. The default 'relaxed' (adkim=r) alignment requirement allows you to use subdomains with a DKIM key placed under the administrative domain (aka 'root' or 'apex' domain) and vise-versa.
Unless you know exactly what you are doing and you have a situation where you do not control subdomains of your own domain, you probably don't want to use adkim=s.
As others have mentioned, this is not how DMARC works.
But I'd like to add to this that this is also not how 'adkim' works. It won't protect you from this particular attack.
adkim=s adds a strict alignment requirement for DKIM, meaning that the DKIM signature is not to be considered aligned unless the domain matches up to the subdomain level. The default 'relaxed' (adkim=r) alignment requirement allows you to use subdomains with a DKIM key placed under the administrative domain (aka 'root' or 'apex' domain) and vise-versa.
Unless you know exactly what you are doing and you have a situation where you do not control subdomains of your own domain, you probably don't want to use adkim=s.