Understanding "Sampled_Out" in DMARC Aggregate Reports

One of the key components of DMARC is its ability to generate aggregate reports, which summarize the results of email authentication checks. Within these reports, you may encounter the term "sampled_out", which might leave you wondering what it means and how it impacts your email security strategy.

What does "Sampled_Out" mean?

sampled_out:  The message was exempted from the application of policy by the "pct" tag in the DMARC policy record. (source: RFC7489)

In DMARC, the "pct" tag specifies the percentage of messages from a domain that should be subject to DMARC policy enforcement. This provides domain owners with flexibility in gradually implementing their DMARC policies without fully enforcing them on all emails immediately.

When a domain owner sets the "pct" value to something less than 100%, only a portion of the email messages are subjected to DMARC authentication checks. The emails that fall outside of the selected percentage are labeled as "sampled_out" and are exempt from the policy enforcement. This helps to reduce the volume of emails processed and reported during the policy rollout.

DMARC record example with “pct” tag:
v=DMARC1; p=reject; pct=25; rua=mailto:dmarc-reports@yourdomain.com;