Re: [dmarc-ietf] Ratchets - Disallow PCT 1-99

Alessandro Vesely <vesely@tana.it> Wed, 21 July 2021 17:26 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/t-4Zv_DyEYzkSllT-wOAU1H1VK8>

On Wed 21/Jul/2021 10:28:36 +0200 Laura Atkins wrote:
> [deprecate PCT entirely] is going to cause difficulties in deployment for a
> lot of companies and domains. Experience tells us that p=quarantine pct=0
> detects forwarders and other types of systems that modify and break DMARC
> authentication. These systems are undetectable when p=none is in place.

+1, although some DMARC records in the wild betray a poor understanding of how it works, pct is a useful ratchet and we should keep it.


> I understand and support removing PCT 1 - 99, but think that removing pct=0 
> will make it even more difficult for companies to deploy DMARC.


My main objection to removing pct 1-99 is that it would make for a nasty wording, not to mention the hassle of backward compatibility.  (Didn't we say we're not going to make DMARCv2?)

Indeed, since pct=100 is the default, what would we use for pct=0?  Just-kidding=1?

In addition, since I cache domain data and have a sample of 121,329 domain records, 5,980 (~4.9%) of which have a DMARC record, I can try to answer the question that John asked yesterday at 5pm.  Some domains do seem to evolve their pct.  I found 214 domains having a two-digit pct.  It is only ~3.6% of DMARC records, but, if you concede any statistical relevance to my data, it proves that the pct feature is more or less as important to DMARC as DMARC itself is important to email in general.  That is, by domain numbers, even if it is not so important, oversimplifying feels like throwing the baby out with the bathwater.

Of those 214 domains experimenting with pct, 115 (~53.7%) did not change it yet, 51 (~23.8%) failed to serve a DMARC record, 43 (~20%) raised it to full percentage, and 5 (~2.3%) played other changes.  Change details are as follows, newest to oldest:

umn.edu                       had      pct=0  on 2021-07-21 15:54:31,  now    pct=100
constantcontact.com           had     pct=10  on 2021-07-21 05:30:27,  now    pct=100
nannyjob.co.uk                had     pct=50  on 2021-07-20 21:06:47,  now    default
mailerlite.com                had      pct=5  on 2021-07-20 16:48:01,  now    pct=100
kernel.org                    had      pct=1  on 2021-07-18 20:25:34,  now    default
db.com                        had     pct=15  on 2021-07-14 16:12:38,  now     pct=25
developers.italia.it          had      pct=5  on 2021-07-13 19:19:45,  now    default
revfr.today                   had     pct=30  on 2021-07-12 16:29:08,  now  not found
caser.today                   had     pct=30  on 2021-07-12 05:31:20,  now  not found
ericsson.com                  had      pct=0  on 2021-07-08 10:53:37,  now    default
crif.com                      had     pct=25  on 2021-07-06 14:28:33,  now    default
p-a-finbergadvisor.com        had      pct=1  on 2021-06-10 11:10:28,  now    default
economiasviluppo.com          had      pct=1  on 2021-06-07 22:07:50,  now    default
medody.com                    had     pct=40  on 2021-05-22 15:19:27,  now  not found
pafinberg.net                 had      pct=1  on 2021-05-21 09:07:51,  now    default
xss.de                        had      pct=1  on 2021-05-20 23:35:57,  now    default
paddle.com                    had      pct=5  on 2021-05-02 15:39:05,  now    pct=100
dnswl.org                     had     pct=25  on 2021-04-27 19:50:49,  now    default
rusoil.net                    had      pct=1  on 2021-04-22 20:35:12,  now    default
qa.jcb.co.jp                  had     pct=50  on 2021-03-12 17:58:04,  now    default
rni.com.pk                    had      pct=0  on 2021-03-11 04:00:07,  now  not found
cloudflare.com                had     pct=25  on 2021-03-08 17:50:09,  now    pct=100
nw.mailzaap.com               had      pct=5  on 2021-02-22 17:58:45,  now  not found
nw.risparmisubito.it          had      pct=5  on 2021-02-14 07:53:21,  now  not found
nw.promopremium.eu            had      pct=5  on 2021-02-13 14:54:37,  now  not found
nw.scontiok.com               had      pct=5  on 2020-12-15 16:05:54,  now  not found
hw.ac.uk                      had      pct=5  on 2020-11-30 17:32:15,  now    default
karta.website                 had     pct=30  on 2020-11-25 04:55:33,  now  not found
veicolimilano.it              had      pct=1  on 2020-10-07 02:02:26,  now    default
jagoanhosting.com             had     pct=80  on 2020-09-25 02:42:44,  now    default
vshosting.cz                  had      pct=1  on 2020-08-11 18:05:14,  now    default
techno-digm.com               had      pct=1  on 2020-08-05 08:45:36,  now  not found
nw.graziepromo.com            had      pct=5  on 2020-08-04 09:09:04,  now  not found
outreach.rehab4addiction.uk   had     pct=50  on 2020-07-31 10:09:39,  now     pct=20
xyonet.com                    had      pct=5  on 2020-07-30 22:57:33,  now    default
hanoi.gov.vn                  had     pct=20  on 2020-06-17 01:54:54,  now    default
silvanaeditoriale.it          had     pct=50  on 2020-05-08 17:22:06,  now     pct=25
hale.com.hk                   had     pct=90  on 2020-02-26 14:37:42,  now  not found
pasteur-cayenne.fr            had      pct=5  on 2019-12-27 04:27:44,  now     pct=90
nw.mailrogue.com              had      pct=5  on 2019-11-21 20:34:34,  now    default
delivery-571.info             had     pct=40  on 2019-11-10 12:31:25,  now  not found
opensystems.co.bw             had     pct=60  on 2019-10-17 01:26:10,  now  not found
pafinberg.com                 had     pct=20  on 2019-10-09 17:29:32,  now    default
efaxreceive.xyz               had     pct=40  on 2019-09-23 15:58:07,  now  not found
gameview.my                   had     pct=20  on 2019-09-18 07:58:00,  now  not found
nationizable.icu              had     pct=40  on 2019-09-02 17:16:37,  now  not found
designifican.icu              had     pct=40  on 2019-08-09 20:02:11,  now  not found
maersk.com                    had      pct=1  on 2019-07-17 09:03:42,  now    default
mebnet.net                    had     pct=20  on 2019-06-28 04:33:46,  now    default
qlc.in                        had      pct=5  on 2019-06-04 00:21:26,  now    default
primefinance.com              had     pct=15  on 2019-05-23 18:48:43,  now    default
corrlinks.com                 had     pct=25  on 2019-02-21 10:51:27,  now    default
0086.info                     had      pct=5  on 2019-02-03 17:30:23,  now  not found
studio-im.com                 had      pct=5  on 2019-01-24 13:39:42,  now  not found
crowdselector.eu              had     pct=40  on 2018-11-06 12:06:59,  now  not found
eehmke.de                     had     pct=25  on 2018-10-16 13:52:43,  now    default
learningcompass.ga            had     pct=50  on 2018-07-24 16:00:08,  now  not found
women.it                      had      pct=2  on 2018-05-30 17:48:18,  now  not found
ucdavis.edu                   had      pct=5  on 2018-04-29 04:19:01,  now    default
nasaprolifeone.com            had     pct=30  on 2018-02-20 03:30:01,  now  not found
korrumpedia.org               had     pct=30  on 2018-02-17 00:56:57,  now  not found
nasaprolifeadmin.com          had     pct=30  on 2018-02-15 23:59:32,  now  not found
campaniaorlreaders.com        had     pct=30  on 2018-02-15 22:47:03,  now  not found
campaniaorlreader.com         had     pct=30  on 2018-02-15 18:18:45,  now  not found
emailepost.com                had     pct=30  on 2018-02-15 14:36:54,  now  not found
servicepost.net               had     pct=30  on 2018-02-14 05:46:13,  now  not found
ipostica.com                  had     pct=30  on 2018-02-14 03:02:30,  now  not found
postaname.net                 had     pct=30  on 2018-02-13 16:48:51,  now  not found
nasaprolife.com               had     pct=30  on 2018-02-13 14:01:46,  now  not found
nuovoemail.net                had     pct=30  on 2018-02-13 12:38:22,  now  not found
postaspa.com                  had     pct=30  on 2018-02-07 04:22:28,  now  not found
polinpdg.ac.id                had     pct=10  on 2018-02-06 03:06:29,  now  not found
popularanimal.net             had     pct=30  on 2018-01-24 19:31:14,  now  not found
bnl.gov                       had     pct=10  on 2018-01-24 02:12:25,  now    pct=100
mail1.datongcloud.com         had     pct=50  on 2018-01-12 18:25:53,  now  not found
hulusungaitengahkab.go.id     had     pct=20  on 2018-01-01 04:08:33,  now    default
haladzhi.com.ua               had     pct=30  on 2017-11-24 01:59:41,  now  not found
demmarkita2.com               had     pct=20  on 2017-10-18 13:56:23,  now  not found
lada-date-brides.com          had     pct=30  on 2017-10-11 05:13:01,  now  not found
know.kiev.ua                  had     pct=30  on 2017-10-09 14:10:39,  now  not found
opentext.com                  had     pct=10  on 2017-09-28 22:43:18,  now    default
modernposta.net               had     pct=30  on 2017-09-25 15:29:03,  now  not found
stratoplan.ru                 had      pct=5  on 2017-09-18 04:56:28,  now    default
etc-brainwork-sev.com         had     pct=30  on 2017-09-12 21:52:19,  now  not found
aabl.in                       had     pct=50  on 2017-08-27 15:41:27,  now  not found
voxel.larrylarson.com.br      had      pct=5  on 2017-08-24 17:25:42,  now  not found
framestore.com                had      pct=6  on 2017-08-23 10:09:28,  now    pct=100
eu.org                        had     pct=10  on 2017-07-25 19:42:09,  now    default
terradox.ro                   had      pct=5  on 2017-07-03 07:35:55,  now  not found
macsales.com                  had      pct=0  on 2017-06-22 19:46:57,  now    pct=100
opayq.com                     had      pct=0  on 2017-06-09 12:44:37,  now     pct=10
ipoggioli.site                had      pct=0  on 2017-03-08 12:21:11,  now  not found
td-gratis.ru                  had     pct=25  on 2016-11-20 00:05:54,  now  not found
lqfconos.com                  had      pct=1  on 2016-10-24 20:00:38,  now    default
systemcentral.net             had      pct=1  on 2016-09-16 16:01:07,  now    default
spectranet.in                 had     pct=50  on 2016-03-14 11:38:23,  now  not found
unimelb.edu.au                had     pct=10  on 2016-02-28 02:36:47,  now    default
savages.com                   had      pct=5  on 2015-11-23 19:50:55,  now    default
waltermoreno.com              had      pct=1  on 2015-05-02 22:09:08,  now  not found


Best
Ale
--
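
The comparison the message describes, a cached DMARC record's pct against the record the domain serves now, sketched as an added example; it is not part of the original post and not the author's tooling. The record strings and `.example` domains are constructed, the category names are assumptions, and an absent or invalid pct is treated as the default 100.

```python
import re
from collections import Counter

def parse_dmarc(txt):
    """Return the tag dict of a DMARC TXT record, or None if it is not one."""
    if not txt:
        return None
    parts = [p.strip() for p in txt.split(";")]
    # RFC 7489: the record must start with the v=DMARC1 tag.
    if "".join(parts[0].split()) != "v=DMARC1":
        return None
    tags = {}
    for part in parts[1:]:
        name, sep, value = part.partition("=")
        if sep:
            tags.setdefault(name.strip(), value.strip())
    return tags

def pct_of(tags):
    """Effective pct: the tag's value, or the default 100 if absent or invalid."""
    raw = tags.get("pct", "")
    if re.fullmatch(r"\d{1,3}", raw) and int(raw) <= 100:
        return int(raw)
    return 100

def classify(cached_txt, current_txt):
    """Compare a cached record with what is served now (None = no record)."""
    cached, current = parse_dmarc(cached_txt), parse_dmarc(current_txt)
    if cached is None:
        raise ValueError("cached value is not a DMARC record")
    if current is None:
        return "not found"
    before, after = pct_of(cached), pct_of(current)
    if after == before:
        return "unchanged"
    return "full" if after == 100 else "other"

# Constructed sample: (domain, cached record, record served now).
SAMPLE = [
    ("a.example", "v=DMARC1; p=quarantine; pct=10", "v=DMARC1; p=quarantine; pct=100"),
    ("b.example", "v=DMARC1; p=reject; pct=5", "v=DMARC1; p=reject"),
    ("c.example", "v=DMARC1; p=quarantine; pct=15", "v=DMARC1; p=quarantine; pct=25"),
    ("d.example", "v=DMARC1; p=none; pct=30", None),
    ("e.example", "v=DMARC1; p=quarantine; pct=0", "v=DMARC1; p=quarantine; pct = 0;"),
    ("f.example", "v=DMARC1; p=reject; pct=50", "v=spf1 -all"),
]

def tally(rows):
    """Count how many domains fall into each category."""
    return Counter(classify(old, new) for _, old, new in rows)

if __name__ == "__main__":
    print(tally(SAMPLE))
```

A record that drops the pct tag lands in the same "full" bucket as an explicit pct=100, matching the way the message counts "default" among the domains raised to full percentage.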