Re: [dmarc-ietf] I-D Action: draft-ietf-dmarc-dmarcbis-03.txt

Alessandro Vesely <vesely@tana.it> Fri, 20 August 2021 18:34 UTC

Return-Path: <vesely@tana.it>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AD1653A1F5D for <dmarc@ietfa.amsl.com>; Fri, 20 Aug 2021 11:34:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 2.911
X-Spam-Level: **
X-Spam-Status: No, score=2.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, GB_SUMOF=5, NICE_REPLY_A=-0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, T_SPF_HELO_TEMPERROR=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1152-bit key) header.d=tana.it
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fJVIiJFTCNXb for <dmarc@ietfa.amsl.com>; Fri, 20 Aug 2021 11:34:31 -0700 (PDT)
Received: from wmail.tana.it (wmail.tana.it [62.94.243.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 892503A1F70 for <dmarc@ietf.org>; Fri, 20 Aug 2021 11:34:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tana.it; s=delta; t=1629484462; bh=KLxmNYd08CC7Y4T8dzpZTBe121nkrRwBb1LLwbOdsZ8=; l=2736; h=To:References:From:Date:In-Reply-To; b=C6GdMeIVAPR7s5O85jV7gdlKWAf+YfSGapsgcre+62NK5+91/rMYtXuFW0mGzZNZ1 4479o6wm9VtaJz9+GlSqoaIZemHJ0MkGaD2w7B2NK1TPHAZOLjNY/TC/+I+tq8eN78 ioXQgJEPDVU38tWm/vc8U5i2YlESLXR2x7n3A3QH72zxHm8sy8TmXbW/H9Pjh
Authentication-Results: tana.it; auth=pass (details omitted)
Original-From: Alessandro Vesely <vesely@tana.it>
Received: from [192.168.1.103] ([2.198.14.129]) (AUTH: CRAM-MD5 uXDGrn@SYT0/k, TLS: TLS1.3, 128bits, ECDHE_RSA_AES_128_GCM_SHA256) by wmail.tana.it with ESMTPSA id 00000000005DC0CD.00000000611FF5AE.00004576; Fri, 20 Aug 2021 20:34:22 +0200
To: dmarc@ietf.org, Todd Herr <todd.herr@valimail.com>
References: <162931752865.27585.10197515584988072678@ietfa.amsl.com> <CAHej_8mcwKcjwxV09_6ENrOnh5t+seDv_kTZiO0mgyRS2BVgTA@mail.gmail.com> <3e4b2087-a866-6f66-3964-71a3c67eab8b@tana.it> <CAHej_8kVW8daPQhghouneRS37WhaCHo4Os6Ggd43FbOpo=ri6A@mail.gmail.com> <53fb93f5-4bf7-2cd7-f889-7299f2d6d7f1@tana.it>
From: Alessandro Vesely <vesely@tana.it>
Message-ID: <f0f2f1d5-424c-4cdc-f3a0-88e3b149552d@tana.it>
Date: Fri, 20 Aug 2021 20:34:21 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0
MIME-Version: 1.0
In-Reply-To: <53fb93f5-4bf7-2cd7-f889-7299f2d6d7f1@tana.it>
Content-Type: multipart/mixed; boundary="------------49F9370DDFF2D3AF1BF52705"
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/rgrzgeiW1BzI8XWuHXRm0ajDogM>
Subject: Re: [dmarc-ietf] I-D Action: draft-ietf-dmarc-dmarcbis-03.txt
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Aug 2021 18:34:38 -0000

On Thu 19/Aug/2021 20:36:08 +0200 Alessandro Vesely wrote:
> Now it's about dinner time and I'm not willing to program a binary 
> distribution for a decently high number of trials.


Today I took the time to compute it.  Consider the values of k that 
are acceptable up to a rounding error.  That is, for pct=20 and n = 10 
we have k = 1, 2.  Both values of k approximate the expected 
percentage, so we consider their sum as the probability that the 
result of applying the specified algorithm is acceptable.  As n grows, 
so grow the acceptable k's.  The results are as follows:

      n | low k | high k | probability that the result of applying
        |       |        | the specified algorithm is acceptable
-------+-------+--------+-------------------------------------
     10 |     1 |      2 | 0.570425
    100 |    15 |     24 | 0.788203
   1000 |   150 |    249 | 0.999913
  10000 |  1500 |   2499 | 1.000000

That proves that as the number of failed DMARC checks raises, the 
specified algorithm tends to deliver the exact result.

I attach a program to compute those figures in case anyone likes to 
review its correctness.


Best
Ale
--