---
title: "DMARC Update: RFC is Considering To Replace the ‘pct’ Tag in DMARC With ‘t=’ Tag | DMARC Report"
description: "A change is expected in the DMARC policy settings as IETF has introduced a draft that reports replacing the ‘pct’ tag with the ‘t=’ tag to overcome some."
image: "https://dmarcreport.com/og/blog/dmarc-update-rfc-considering-to-replace-pct-tag-with-t-tag.png"
canonical: "https://dmarcreport.com/blog/dmarc-update-rfc-considering-to-replace-pct-tag-with-t-tag/"
---

Quick Answer

A change is expected in the \[DMARC policy\](https://dmarcreport.com/dmarc-policy/) settings as \[IETF\](https://datatracker.ietf.org/wg/dmarc/) has introduced a draft that reports replacing the ‘pct’ tag with the ‘t=’ tag to overcome some challenges. Things are not certain yet, as the document is under discussion and consideration. Nonetheless, let’s see what can we expect.

Related: [Free DMARC Checker](/tools/dmarc-checker/) 

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fdmarc-update-rfc-considering-to-replace-pct-tag-with-t-tag%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=DMARC%20Update%3A%20RFC%20is%20Considering%20To%20Replace%20the%20%E2%80%98pct%E2%80%99%20Tag%20in%20DMARC%20With%20%E2%80%98t%3D%E2%80%99%20Tag&url=undefined%2Fblog%2Fdmarc-update-rfc-considering-to-replace-pct-tag-with-t-tag%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fdmarc-update-rfc-considering-to-replace-pct-tag-with-t-tag%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fdmarc-update-rfc-considering-to-replace-pct-tag-with-t-tag%2F&title=DMARC%20Update%3A%20RFC%20is%20Considering%20To%20Replace%20the%20%E2%80%98pct%E2%80%99%20Tag%20in%20DMARC%20With%20%E2%80%98t%3D%E2%80%99%20Tag "Share on Reddit") [ ](mailto:?subject=DMARC%20Update%3A%20RFC%20is%20Considering%20To%20Replace%20the%20%E2%80%98pct%E2%80%99%20Tag%20in%20DMARC%20With%20%E2%80%98t%3D%E2%80%99%20Tag&body=Check out this article: undefined%2Fblog%2Fdmarc-update-rfc-considering-to-replace-pct-tag-with-t-tag%2F "Share via Email") 

![DMARC Update: RFC is Considering To Replace the ‘pct’ Tag in DMARC With ‘t=’ Tag](https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg) 

## Try Our Free DMARC Checker

Validate your DMARC policy, check alignment settings, and verify reporting configuration.

[ Check DMARC Record → ](/tools/dmarc-checker/) 

A change is expected in the [DMARC policy](https://dmarcreport.com/dmarc-policy/) settings as [IETF](https://datatracker.ietf.org/wg/dmarc/) has introduced a draft that reports replacing the ‘pct’ tag with the ‘t=’ tag to overcome some challenges. Things are not certain yet, as the document is under **discussion and consideration**. Nonetheless, let’s see what can we expect.

> DMARC is the only email authentication protocol that gives you both enforcement and visibility, says Brad Slavin, General Manager of DuoCircle. SPF and DKIM authenticate silently - DMARC tells you what happened and lets you control the outcome. That combination of reporting and policy is why DMARC adoption is accelerating.

## What is DMARC?

_DMARC is an acronym for Domain-based Message Authentication Reporting and Conformance_. It is an [email authentication protocol](https://dmarcreport.com/what-is-dmarc/) that instructs recipients’ servers on how they should deal with emails that [fail SPF](https://dmarcreport.com/blog/what-causes-spf-record-failure-and-how-to-troubleshoot-common-issues/) and/or [DKIM](https://dmarcreport.com/what-is-dkim/) checks. It includes mechanisms for reporting and conformance to help domain owners monitor and enforce their **email authentication policies**.

As of 2025, DMARC is mandatory under multiple compliance frameworks. [CISA BOD 18-01](https://www.cisa.gov/news-events/directives/bod-18-01) requires p=reject for US federal domains. [PCI DSS v4.0](https://www.pcisecuritystandards.org/) mandates DMARC for organizations processing payment card data as of March 2025\. Google and Yahoo require DMARC for bulk senders (5,000+ messages/day) since February 2024, and [Microsoft began rejecting](https://learn.microsoft.com/en-us/defender-office-365/email-authentication-dmarc-configure) non-compliant email in May 2025\. The UK [NCSC](https://www.ncsc.gov.uk/collection/email-security-and-anti-spoofing), Australia’s [ASD](https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/ism/cyber-security-guidelines/guidelines-email), and Canada’s [CCCS](https://www.cyber.gc.ca/en/guidance/implementation-guidance-email-domain-protection) all mandate DMARC for government domains. Cyber insurers increasingly require DMARC enforcement as an underwriting condition.

It was developed by a group of leading IT companies that wanted to establish a mechanism to \*\*fight against phishing and [fraudulent emails](https://www.bleepingcomputer.com/news/security/bazarcall-attacks-abuse-google-forms-to-legitimize-phishing-emails/) on the Internet. As of 2022, more than [1.28 million](https://webinarcare.com/best-dmarc-software/dmarc-statistics/#:~:text=More%20than%201.28%20million%20domain,spoofing%20by%20an%20enforcement%20policy.) domain owners have strengthened their domains with DMARC, and the number is expected to grow at a fast pace, owing to [Google and Yahoo’s new policy](https://dmarcreport.com/blog/google-and-yahoos-new-email-authentication-policy-for-2024/).

## What is the ‘pct’ Tag in DMARC?

The DMARC ‘pct’ tag is short for the [percentage tag that is used for advancing policies](https://www.duocircle.com/dmarc/understanding-dmarc-percentage-tag-for-advancing-policies) and reaching the highest level of protection. This tag helps specify the percentage of email messages that should be subjected to \*\*DMARC authentication checks \*\*so that you can gradually increase the percentage with minimal [false positives](https://csrc.nist.gov/glossary/term/false%5Fpositive).

![Dmarc report](https://media.mailhop.org/dmarcreport/images/2024/01/dmarc-report-4673.jpg) 

Domain owners typically start with as low as 20% or 30% so that only a small chunk of outgoing messages undergo the authentication test. At this point, they evaluate [aggregate (RUA) and forensic (RUF) reports](https://dmarcreport.com/blog/why-is-rua-important-for-monitoring-email-authentication-issues/) to catch insights into **email activities**, which allows them to understand how many messages are experiencing false positives. They gradually increase the percentage as the number of false positives goes down.

## What is the Challenge With the ‘pct’ Tag?

The [‘pct’ tag](https://support.dmarcreport.com/support/solutions/articles/5000882475-how-is-the-pct-tag-in-a-dmarc-record-used-) has been in use for a long time; however, there has always been a challenge of its **improper application**, except when the percentage is either ‘0’ or ‘100’, as these are the default values. _This is because when the percentage is set to 100, the mail receiver doesn’t have to perform a special function, leaving no room for improper application_.

On the other side, setting the pct tag value to 0 is linked with deviations from the standard management process by intermediaries and \*\*mailbox providers involved in the development of [RFC5322](https://datatracker.ietf.org/doc/html/rfc5322).

Much surprisingly, the accidental use of the ‘pct=0’ tag proved to be beneficial for the **email community**. When headers were modified by intermediaries with “pct=0,” domain owners could gain valuable insights into the proportion of their [email traffic](https://emailanalytics.com/email-traffic/) passing through intermediaries that adhered to RFC5322 standards. Despite the effort required for this comparison, it became an invaluable source of information for domain owners .

With knowledge about the volume of emails susceptible to \*\*potential DMARC failure due to the absence of RFC5322 in header rewriting by intermediaries, domain owners could make well-informed decisions. They could assess their tolerance for DMARC failures and determine whether to transition from “p=none” to “[p=quarantine” or “p=reject](https://dmarcreport.com/blog/dmarc-enforcement-timeline-none-to-reject-roadmap/).”

![Gmail dmarc 1](https://media.mailhop.org/dmarcreport/images/2024/01/gmail-dmarc-1-1.jpg) 

## Consideration of the ‘t=’ Tag

Now, the \*\*decision-makers are retaining the functionality of the ‘pct=0’ tag; however, they are reconsidering the name of the tag as it doesn’t make sense to call it a ‘percentage’ tag with only two valid values, which are 0 and 100.

The ‘ t=’ tag stands for ‘testing ,’ and it has two values- ‘y’ and ‘n.’

_The ‘t=y’ value is equivalent to ‘pct=0’. So, emails subjected to ‘t=y’ specify that the domain owner is currently in the testing phase of implementing their policy rollout_. So, during this phase, the receiver conducting the check should not enforce the policy\*\*.

On the other hand, ‘t=n’ and ‘pct=100’ convey the same instructions. Emails subjected to “t=n” will follow the default [DMARC policy](https://dmarcreport.com/dmarc-policy/), which is the same as the previous “pct=100” setting.

## Final Words

The introduction of the new tag is expected to make it easier to imply [DMARC policies](https://dmarcreport.com/dmarc-policy/) by **aligning settings**. It has the potential to resolve the previous challenges, ensuring your domain stays protected from [malicious email activities](https://cyware.com/news/email-borne-malicious-activities-arent-going-to-go-away-anytime-soon-28d58fec).

In summary, the \*\*DMARC policy settings may see changes with IETF’s proposal to replace the ‘pct’ tag with ‘t=.’ While the document is under discussion, the industry continues to evolve.

_The proposed ‘t=’ tag retains ‘pct=0’ functionality, signaling a testing phase (‘t=y’) where policy enforcement is withheld. ‘t=n’ aligns with default DMARC policy, akin to ‘pct=100_.’ The email community stays vigilant, ready to adapt to \*\*evolving standards for enhanced [email security](https://dmarcreport.com/blog/why-email-security-matters-and-how-to-get-it-right/).

This foreseeable development reflects the adaptive nature of the [DMARC](https://dmarcreport.com/) protocol and commitment to making the \*\*email ecosystem a better and safer place to communicate.

## Sources

- [CISA Binding Operational Directive 18-01](https://www.cisa.gov/news-events/directives/bod-18-01)
- [Microsoft Outlook DMARC Enforcement May 2025](https://learn.microsoft.com/en-us/defender-office-365/email-authentication-dmarc-configure) (2025)
- [PCI DSS v4.0 - DMARC Requirement](https://www.pcisecuritystandards.org/) (2025)

## Topics

[ DMARC ](/tags/dmarc/)[ dmarc record ](/tags/dmarc-record/)[ email security ](/tags/email-security/) 

![Adam Lundrigan](https://media.mailhop.org/dmarcreport/images/authors/adam-lundrigan.jpg) 

[ Adam Lundrigan ](/authors/adam-lundrigan/) 

CTO

CTO of DuoCircle. Leads engineering for DMARC Report and DuoCircle's email security product portfolio.

[LinkedIn Profile →](https://www.linkedin.com/in/adamlundrigan/) 

## Take control of your DMARC reports

Turn raw XML into actionable dashboards. Start free - no credit card required.

[Start Free Trial](https://app.dmarcreport.com/) [Check Your DMARC Record](/tools/dmarc-checker/) 

## Related Articles

[  Foundational 5m  10 Reasons Why Your Website Needs A Robust DMARC Report Monitoring Tool  Sep 29, 2023 ](/blog/10-reasons-why-your-website-needs-a-robust-dmarc-report-monitoring-tool/)[  Foundational 7m  4 sectors that need email authentication the most and why  Oct 15, 2024 ](/blog/4-sectors-that-need-email-authentication-the-most-and-why/)[  Foundational 4m  7 DMARC Management Service Providers Besides Dmarcian  Nov 7, 2023 ](/blog/7-dmarc-management-service-providers-besides-dmarcian/)[  Foundational 4m  8 Misconceptions About DMARC and its Deployment for Businesses  Dec 4, 2023 ](/blog/8-misconceptions-about-dmarc-and-its-deployment-for-businesses/)

```json
{"@context":"https://schema.org","@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DMARC Report","url":"https://dmarcreport.com","description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","publisher":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"DMARC Update: RFC is Considering To Replace the ‘pct’ Tag in DMARC With ‘t=’ Tag","description":"A change is expected in the DMARC policy settings as IETF has introduced a draft that reports replacing the ‘pct’ tag with the ‘t=’ tag to overcome some.","url":"https://dmarcreport.com/blog/dmarc-update-rfc-considering-to-replace-pct-tag-with-t-tag/","datePublished":"2024-01-05T09:48:13.000Z","dateModified":"2026-04-16T15:53:43.000Z","dateCreated":"2024-01-05T09:48:13.000Z","author":{"@type":"Person","@id":"https://dmarcreport.com/authors/adam-lundrigan/#person","name":"Adam Lundrigan","url":"https://dmarcreport.com/authors/adam-lundrigan/","jobTitle":"CTO","description":"Adam Lundrigan is the Chief Technology Officer of DuoCircle, where he leads engineering across DMARC Report, AutoSPF, and the company's email security portfolio. His technical focus includes DMARC report processing infrastructure, DNS monitoring systems, and the SPF evaluation logic that powers DuoCircle's authentication tools.","image":"https://media.mailhop.org/dmarcreport/images/authors/adam-lundrigan.jpg","knowsAbout":["DMARC Report Processing","DNS Architecture","Email Authentication","SaaS Engineering","DNS Monitoring","Infrastructure Automation"],"worksFor":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com"},"sameAs":["https://www.linkedin.com/in/adamlundrigan/"]},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://dmarcreport.com/blog/dmarc-update-rfc-considering-to-replace-pct-tag-with-t-tag/"},"articleSection":"foundational","keywords":"DMARC, dmarc record, email security","wordCount":786,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg","caption":"DMARC Update: RFC is Considering To Replace the ‘pct’ Tag in DMARC With ‘t=’ Tag","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://dmarcreport.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://dmarcreport.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://dmarcreport.com/foundational/"},{"@type":"ListItem","position":4,"name":"DMARC Update: RFC is Considering To Replace the ‘pct’ Tag in DMARC With ‘t=’ Tag","item":"https://dmarcreport.com/blog/dmarc-update-rfc-considering-to-replace-pct-tag-with-t-tag/"}]}
```