Re: [dmarc-ietf] Some Proposed Language for a New pct Tag Defintion

Dotzero <dotzero@gmail.com> Tue, 03 August 2021 00:15 UTC

Return-Path: <dotzero@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C2D5C3A226F for <dmarc@ietfa.amsl.com>; Mon, 2 Aug 2021 17:15:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KSv3XDu0UrV8 for <dmarc@ietfa.amsl.com>; Mon, 2 Aug 2021 17:15:15 -0700 (PDT)
Received: from mail-qv1-xf36.google.com (mail-qv1-xf36.google.com [IPv6:2607:f8b0:4864:20::f36]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 539223A2269 for <dmarc@ietf.org>; Mon, 2 Aug 2021 17:15:15 -0700 (PDT)
Received: by mail-qv1-xf36.google.com with SMTP id db14so9790966qvb.10 for <dmarc@ietf.org>; Mon, 02 Aug 2021 17:15:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=7DpjPb7q+IhHpRu/tw9DCzxajf2Vm2KgFfammxcLdV0=; b=qWIj62k0ACtYDUCK4BDnmiDO5EQplPEUeMeK8FXToZqjL+cfsTp5vpe+iqOtOvl/Oy uNE+6LWnvXHHCAo7/kD6MPCAA6PVf1x8eSmkTKMcXp0hg9mniXQt/ZLBhn8SuOiS76/8 dpGakDg4hKcbsbUleWdVuZ1WFSuuEK1Bbnz+kgmSH3Jz6leUv5+L37V7LAsS48DcYH1b gOdJUdg1tqCb/lPCyPRgDKmrKW7+q9LXWN8NAGSltAoUKa8+ZQGQ6NWu3Aeush3drD+4 Hj3zjLClsytCr+6cXb8i+d7hSxyh6IfkBJHbW0Q6+gP5TeU9VTJTrIIqA/f7qVAd41q/ Xa7A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=7DpjPb7q+IhHpRu/tw9DCzxajf2Vm2KgFfammxcLdV0=; b=EoTXU7m0jhvRbX400Lv7eEy1i4o64OgnfhVp35ih3RiHdnByIcFveW+c9I7yk8KiN2 n7h4apcLwVBUXxD/dqEKhY0bUTglqVbLu2mfU8fQ2CirZmeG3feMwOrITmmGfSlS9mZi Bu6jzzRTgKdogH5Gu3c1yAp0zsOo+GgjJPuFXL6c/+SFzy10pGeNGIVcscwv6BdgsjiM z5eg+O0PHrLzVHwNDJIHfrJI1/6yDtJ1b4PGfAonmhgZ9P0kDSij6N2XGe9rsvNmbvaH htL3v2aCZR7AgvcIm7L7yBV40dc9Vuf3JF8PetOFX4n/LoV3ThmZmqfaddyx+7jwZfuq VPzA==
X-Gm-Message-State: AOAM530hSB1yDilWCWcaHWzOg+d4nAKKe3HFzLPCZhz9V2UQskvgUXEc RbYWHx4eim4VluCIiyLlnbv14TxE0fx9xzrp5K0=
X-Google-Smtp-Source: ABdhPJxFmY8wVeRk5rmhXy8yafJB6Rei4CYZalB5tMAEUaK3SlZsWeroDImdZK/Qe9BUdeNZB0OKIJfWYxV4o6xLP1Y=
X-Received: by 2002:a0c:c252:: with SMTP id w18mr10754229qvh.45.1627949713588; Mon, 02 Aug 2021 17:15:13 -0700 (PDT)
MIME-Version: 1.0
References: <CAHej_8m4W_k_r9SV6reNJA7aMGFCkK451tjvQGtrPNwRtJwC8A@mail.gmail.com> <20210731203844.1DBB42566507@ary.qy> <CAHej_8=LL_KWcVYnc2quYSGMnQF5bdoerDtTZZm1yGjxjCqW1Q@mail.gmail.com>
In-Reply-To: <CAHej_8=LL_KWcVYnc2quYSGMnQF5bdoerDtTZZm1yGjxjCqW1Q@mail.gmail.com>
From: Dotzero <dotzero@gmail.com>
Date: Mon, 2 Aug 2021 20:15:03 -0400
Message-ID: <CAJ4XoYcL3P9sNtnbXAmMYZ57e+ps2t=yUDQopXhsXhEccvWMsA@mail.gmail.com>
To: Todd Herr <todd.herr=40valimail.com@dmarc.ietf.org>
Cc: IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000064040205c89c9405"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/FyqNsYHTbtsazwRBGdzuyv2zTRg>
Subject: Re: [dmarc-ietf] Some Proposed Language for a New pct Tag Defintion
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Aug 2021 00:15:20 -0000

On Mon, Aug 2, 2021 at 3:49 PM Todd Herr <todd.herr=
40valimail.com@dmarc.ietf.org> wrote:

>
> On Sat, Jul 31, 2021 at 4:38 PM John Levine <johnl@taugh.com> wrote:
>
>> I'd make it a lot simpler:
>>
>>    pct:  (plain-text integer; OPTIONAL; default is 100).  For the
>>       RFC5322.From domain to which the DMARC record applies, the "pct"
>>       tag describes what receivers are requested to to do with unaligned
>> messages.
>>       This parameter does not affect the generation of DMARC reports.
>> Possible values are as follows:
>>
>>       0:  A request to not apply the policy, but for message forwarders
>>           to do whatever message rewriting they do that is intended to
>> avoid
>>           sending DMARC unaligned mail.
>>
>>       100:  The default, a request to apply the policy as specified.
>>
>>       Any other value: results are undefined.
>>
>>
>> I like simple, but I also like the idea of a separate section that
> discusses the history of the pct tag and why the old values won't work any
> longer.
>
> So, how about this:
>
>    pct:  (plain-text integer; OPTIONAL; default is 100).  For the
>
>       RFC5322.From domain to which the DMARC record applies, the "pct"
>
>       tag serves as a signal to the actor performing DMARC validation
>
>       checks as to whether or not the domain owner wishes the assessment
>
>       policy declared in the "p=" tag to actually be applied.  This
>
>       parameter does not affect the generation of DMARC reports.
>
>       Possible values are as follows:
>
>
>       0:  A request that the actor performing the DMARC validation check
>
>          not apply the policy, but instead apply any special handling
>
>          rules it might have in place.  See Section 6.7.4 for further
>
>          details.
>
>
>       100:  The default, a request to apply the policy as specified to
>
>          any message that produces a DMARC "fail" result.
>
>
> And this:
>
>
> 6.7.4.  History of the "pct" Tag
>
>
>    An earlier experimental version of the DMARC protocol [RFC7489]
>
>    specified all integers from 0 to 100 inclusive as valid values for
>
>    the pct tag.  The intent of the tag was to provide domain owners with
>
>    a method to gradually change their preferred assessment policy (the
>
>    p= tag) from 'none' to 'quarantine' or from 'quarantine' to 'reject'
>
>    by requesting the stricter treatment for just a percentage of
>
>    messages that produced DMARC results of "fail".
>
>
>    Operational experience showed that the pct tag did not function as
>
>    intended due to many factors, and so this version of the DMARC
>
>    protocol has eliminated all possible values save for "100", which
>
>    remains the default, and "0".  The value of "0" took on unintended
>
>    significance during the experimental stage as a value used by some
>
>    intermediaries and mailbox providers as an indicator to either
>
>    deviate from standard handling of the message and/or to alter the
>
>    substance of reports generated, and these "custom" actions proved too
>
>    valuable to the email community to remove from this version of the
>
>    protocol.
>

"6.7.4.  History of the "pct" Tag


   An earlier experimental version of the DMARC protocol [RFC7489]..."


RFC7489 is Informational, not experimental. In IETF nomenclature,
experimental status has a specific meaning.


Michael Hammer