Back to Course
Լight modeDark mode

DMARC Tags

DMARC records are a concoction of various mechanisms or DMARC tags that communicate specific instructions to email-receiving servers during mail transfer. Each of these DMARC tags contains a value that is defined by the domain owner. Today we are going to discuss what are DMARC tags and what each of them stands for. 


Here are all the available DMARC tags that a domain owner can specify in their DMARC record: 
 

DMARC Tag

Type

Default value

What it means

v

mandatory

 

The v tag represents the DMARC protocol version and always has the value v=DMARC1 

pct

optional

100

This tag represents the percentage of emails to which the policy mode is applicable. Read more about DMARC pct tag

p

mandatory

 

This tag addresses the DMARC policy mode. You can select from reject, quarantine, and none. 

sp

optional

The policy mode configured for your main domain(p)

Specifying the subdomain policy, the sp tag is configured to define a policy mode for your subdomains.

rua

Optional but recommended

 

The rua tag is an optional DMARC tag that specifies the email address or web server wherein reporting organizations are to send their DMARC aggregate rua data. 


 

Example: rua=mailto:ruaaddress@example.com;

ruf

Optional but recommended

 

Similarly, the ruf mechanism specifies the address to which the DMARC forensic ruf report is to be sent. Currently, not every reporting organization sends forensic data. 


 

Example: ruf=mailto:rufaddress@example.com.

fo

optional

0

The fo tag caters to the available failure/forensic reporting options domain owners can choose from. If you have not enabled ruf for your domain, you can ignore this. 

The available options to choose from are: 


 

0:  a DMARC failure/forensic report is sent to you if your email fails both SPF and DKIM alignment


 

1:  a DMARC failure/forensic report is sent to your when your email fails either SPF or DKIM alignment


 

d: a DKIM failure report is sent if the email's DKIM signature fails validation, regardless of the alignment


 

s: a SPF failure report is sent if the email fails SPF evaluation, regardless of the alignment.

aspf

optional

 

This DMARC tag stands for the SPF alignment mode. The value can be either strict(s) or relaxed(r)

adkim

optional

 

Similarly, the adkim DMARC tag stands for the DKIM alignment mode, the value of which can be either strict(s) or relaxed(r) 

rf

optional

afrf

The DMARC rf tag specifies the various formats for Forensic reporting.

ri

optional

86400

The ri tag addresses the time interval in seconds between two consecutive aggregate reports sent by the reporting organization to the domain owner.

Course content
Email Authentication Fundamentals