When you're setting up DMARC for your domain, you'll be creating a TXT record in your DNS. This record is made up of a series of tags, each separated by a semicolon. These tags are instructions for receiving mail servers. The very first tag you'll encounter, and the most important one to start with, is the v tag.
The v tag simply stands for 'version'. Its purpose is to identify the record as a DMARC record and to specify which version of the DMARC protocol is being used. As DuoCircle explains, this tag is used to represent the DMARC protocol version. For any DMARC record to be valid, it must start with this tag, and the value must be v=DMARC1.
Are there other versions of DMARC?
This is a common question, but the answer is straightforward: no. While the tag system was designed to accommodate future updates to the DMARC protocol, only the initial version, DMARC1, has ever been specified and used. So, for all practical purposes, this tag will always be v=DMARC1.
When creating your record, remember these key points:
- It must be first. The version tag must always be the first tag in your DMARC record.
- The value is specific. The value must be DMARC1, with 'DMARC' in uppercase.
- It's the only one. There are no other versions like 'DMARC2' currently in use.
Why is the `v` tag so important?
The importance of the version tag cannot be overstated. It acts as the identifier that tells a receiving mail server, "This is a DMARC record, and you should process it as such." If the v=DMARC1 tag is missing, misspelled, or in the wrong place, the entire record will be ignored. As the official IETF draft documentation states, receiving servers will simply discard records that don't start correctly.
This means your DMARC policy would not be enforced, leaving your domain vulnerable to spoofing and phishing attacks, which is exactly what DMARC is designed to prevent.
Putting it all together: a DMARC record example
A very basic DMARC record looks like this:
v=DMARC1; p=none;
Here, v=DMARC1 identifies the record and its version. The p=none tag specifies the policy, which in this case tells receivers to take no action against emails that fail DMARC checks, but still allows for reporting. Every DMARC record, no matter how complex, must begin with the version tag.
Final thoughts
In summary, the DMARC version specified by the v tag is DMARC1. It's a simple but non-negotiable part of the DMARC standard. It must always be the first tag in the record, and its value is always the same. Getting this small detail right is the first and most critical step in correctly configuring DMARC to protect your domain's email reputation.
