DMARC Tags
DMARC records are a concoction of various mechanisms or DMARC tags that communicate specific instructions to email-receiving servers during mail transfer. Each of these DMARC tags contains a value that is defined by the domain owner. Today we are going to discuss what are DMARC tags and what each of them stands for.
Here are all the available DMARC tags that a domain owner can specify in their DMARC record:
DMARC Tag | Type | Default value | What it means |
v | mandatory | The v tag represents the DMARC protocol version and always has the value v=DMARC1 | |
pct | optional | 100 | This tag represents the percentage of emails to which the policy mode is applicable. Read more about DMARC pct tag |
p | mandatory | This tag addresses the DMARC policy mode. You can select from reject, quarantine, and none. | |
sp | optional | The policy mode configured for your main domain(p) | Specifying the subdomain policy, the sp tag is configured to define a policy mode for your subdomains. |
rua | Optional but recommended | The rua tag is an optional DMARC tag that specifies the email address or web server wherein reporting organizations are to send their DMARC aggregate rua data.
Example: rua=mailto:ruaaddress@example.com; | |
ruf | Optional but recommended | Similarly, the ruf mechanism specifies the address to which the DMARC forensic ruf report is to be sent. Currently, not every reporting organization sends forensic data.
Example: ruf=mailto:rufaddress@example.com. | |
fo | optional | 0 | The fo tag caters to the available failure/forensic reporting options domain owners can choose from. If you have not enabled ruf for your domain, you can ignore this. The available options to choose from are:
0: a DMARC failure/forensic report is sent to you if your email fails both SPF and DKIM alignment
1: a DMARC failure/forensic report is sent to your when your email fails either SPF or DKIM alignment
d: a DKIM failure report is sent if the email's DKIM signature fails validation, regardless of the alignment
s: a SPF failure report is sent if the email fails SPF evaluation, regardless of the alignment. |
aspf | optional | This DMARC tag stands for the SPF alignment mode. The value can be either strict(s) or relaxed(r) | |
adkim | optional | Similarly, the adkim DMARC tag stands for the DKIM alignment mode, the value of which can be either strict(s) or relaxed(r) | |
rf | optional | afrf | The DMARC rf tag specifies the various formats for Forensic reporting. |
ri | optional | 86400 | The ri tag addresses the time interval in seconds between two consecutive aggregate reports sent by the reporting organization to the domain owner. |
What is SPF? Free2 m
Video Introduction to SPF Free1 m 41 s- A Brief History of SPF Free1 m
- How does SPF work? Free2 m
- SPF Tags: Syntax of an SPF Record Explained Free3 m
- How to create and publish SPF records? Free2 m
- SPF Authentication Failures Free3 m
- Video Explanation: SPF PermError Free1 m 39 s
Quiz 430 m
- What is DMARC? Free1 m
- Video Introduction to DMARC Free1 m 15 s
- A Brief History of DMARC Free1 m
- How does DMARC work? Free2 m
- What is DMARC Policy? : None, Quarantine & Reject Free2 m
- Video Explanation: DMARC Policy Free1 m 40 s
- DMARC Tags Free2 m
- DMARC Aggregate (RUA) Reports Free3 m
- DMARC Forensic (RUF) Reports Free2 m
- How to Create and Publish a DMARC Record? Free3 m
- DMARC Authentication Failures Free3 m
- Video Explanation: Why does DMARC Fail? Free1 m 37 s
- Quiz 630 m