IETF Logo Mail Archive

Re: [ietf-dkim] Issue: implementation Report v02 - Removal of 1st vs 3rd party statistics

Hector Santos <hsantos@isdg.net> Tue, 05 October 2010 12:57 UTC

Return-Path: <ietf-dkim-bounces@mipassoc.org>
X-Original-To: ietfarch-ietf-dkim-archive@core3.amsl.com
Delivered-To: ietfarch-ietf-dkim-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 19AE73A6F2A for <ietfarch-ietf-dkim-archive@core3.amsl.com>; Tue, 5 Oct 2010 05:57:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.961
X-Spam-Level:
X-Spam-Status: No, score=-5.961 tagged_above=-999 required=5 tests=[AWL=0.038, BAYES_00=-2.599, J_CHICKENPOX_41=0.6, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Cg12Qba0oWUt for <ietfarch-ietf-dkim-archive@core3.amsl.com>; Tue, 5 Oct 2010 05:57:27 -0700 (PDT)
Received: from sbh17.songbird.com (sbh17.songbird.com [72.52.113.17]) by core3.amsl.com (Postfix) with ESMTP id 038913A6F24 for <ietf-dkim-archive@ietf.org>; Tue, 5 Oct 2010 05:57:27 -0700 (PDT)
Received: from sbh17.songbird.com (sbh17.songbird.com [127.0.0.1]) by sbh17.songbird.com (8.13.8/8.13.8) with ESMTP id o95CvPws008324; Tue, 5 Oct 2010 05:57:31 -0700
DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=mipassoc.org; s=k00001; t=1286283451; bh=bgSVhVb9FW18/BvsNLiVXK6nIKA=; h=Message-ID:Date: From:MIME-Version:To:References:In-Reply-To:Subject:List-Id: List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe: Content-Type:Content-Transfer-Encoding:Sender; b=fcK9JvU+tz1zkMw3U wypa7eVGuUNSEmfWl6xCfTGh/xQg6Y/+KOs7SqBTfvyPFomAVoVm77FhAeg9PsuPrvF DWHuAr/v2tANGar1d8NXPJa9TEfceu/XY0Pf9hR/oBB8kWGXbmDhFDE0wYEUoLQf8JH Hc0dWhLvIkgfpF62tvbY=
Received: from mail.winserver.com (dkim.winserver.com [208.247.131.9]) by sbh17.songbird.com (8.13.8/8.13.8) with ESMTP id o95Cq2r2007922 for <ietf-dkim@mipassoc.org>; Tue, 5 Oct 2010 05:52:09 -0700
Authentication-Results: sbh17.songbird.com; dkim=pass (1024-bit key) header.i=@isdg.net
Received: by winserver.com (Wildcat! SMTP Router v6.3.453.5) for ietf-dkim@mipassoc.org; Tue, 05 Oct 2010 08:51:09 -0400
Received: from opensite.winserver.com (beta.winserver.com [208.247.131.23]) by winserver.com (Wildcat! SMTP v6.3.453.5) with ESMTP id 540910734; Tue, 05 Oct 2010 08:51:07 -0400
Received: by beta.winserver.com (Wildcat! SMTP Router v6.3.453.2) for ietf-dkim@mipassoc.org; Tue, 05 Oct 2010 08:51:23 -0400
Received: from [192.168.1.101] ([99.3.147.93]) by beta.winserver.com (Wildcat! SMTP v6.3.453.2) with ESMTP id 2576206187; Tue, 05 Oct 2010 08:51:22 -0400
Message-ID: <4CAB1F23.4060403@isdg.net>
Date: Tue, 05 Oct 2010 08:50:43 -0400
From: Hector Santos <hsantos@isdg.net>
Organization: Santronics Software, Inc.
User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
MIME-Version: 1.0
To: ietf-dkim@mipassoc.org
References: <AANLkTi=ukF2B-UJsooQKSxOfz54-Dsye0RPG_swLpWxn@mail.gmail.com> <4CAA4EF9.1090009@isdg.net> <9B1C3420-44CE-45D8-8AF9-4D3497B5FC77@cox.com> <F5833273385BB34F99288B3648C4F06F1340BA36AB@EXCH-C2.corp.cloudmark.com> <4CAA9839.1090706@isdg.net> <5747412B6D396EF01C937C77@lewes.staff.uscs.susx.ac.uk>
In-Reply-To: <5747412B6D396EF01C937C77@lewes.staff.uscs.susx.ac.uk>
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.0 (sbh17.songbird.com [127.0.0.1]); Tue, 05 Oct 2010 05:57:31 -0700 (PDT)
X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by milter-greylist-4.0 (sbh17.songbird.com [72.52.113.70]); Tue, 05 Oct 2010 05:52:09 -0700 (PDT)
Subject: Re: [ietf-dkim] Issue: implementation Report v02 - Removal of 1st vs 3rd party statistics
X-BeenThere: ietf-dkim@mipassoc.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF DKIM Discussion List <ietf-dkim.mipassoc.org>
List-Unsubscribe: <http://mipassoc.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@mipassoc.org?subject=unsubscribe>
List-Archive: <http://mipassoc.org/pipermail/ietf-dkim>
List-Post: <mailto:ietf-dkim@mipassoc.org>
List-Help: <mailto:ietf-dkim-request@mipassoc.org?subject=help>
List-Subscribe: <http://mipassoc.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@mipassoc.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ietf-dkim-bounces@mipassoc.org
Errors-To: ietf-dkim-bounces@mipassoc.org

Ian Eiloart wrote:

>> -1
>>
>> It is extremely relevant.
> 
> 
> The data is there. The numbers can be calculated from the sample size 
> (~500k) and the proportions. They're nowhere near the numbers 
> ("Originator signatures: 1.2 billion Third-party signatures:  184 
> million") that you quoted in another email, which also don't match the 
> proportions that you quoted. Where did 1.2 billion come from?

Sounds like revision v02 is already having its intended effect.

Ian, see the previous revision v01 section 4.2

http://tools.ietf.org/html/draft-ietf-dkim-implementation-report-01#section-4.2

In fact, what was left in rev 02 was Murry's 78.9% for the OpenDKIM 
observation of 1st vs 3rd.  What was removed was the AOL data point. I 
stated it as 86% here:

      http://mipassoc.org/pipermail/ietf-dkim/2010q3/014556.html

> "Third party" is somewhat of a leap from "the domains don't match".

Third party per RFC 5016 is well defined.

> For example, if the from header is in the domain "example.com" and we see 
> "d=foo.example.com", is that really a third party signature? Perhaps 
> some clarity of whether subdomains were permitted to match would be 
> useful.*

It doesn't matter.  The Observed data is what counts. Per RFC 5016 
definitions, this is what we got X for that, Y for this.

> Oh, and are you thinking this is about implementation of ADSP? 

As an engineer I look at data, look for patterns, see how they 
correlate to logical protocols and even justify experiments and 
problem solving.

To me, the data points show there is a strong 1st party stream of 
mail.  POLICY would be important here.  But that is not what the 
report is about.

For example, if the report showed the opposite, over 70% of the mail 
stream was 3rd party (5322.From != DKIM.d per RFC 5016), rest assured, 
we would be hearing how much POLICY or ADSP is insignificant and 
should be deprecated - and I would AGREE.

The reality is the overwhelming 1st party mail continues to justify a 
need for policy.  But that is my interpretation, not what the report 
is about.

> I think 
> it's supposed to be about implementation of DKIM, so that DKIM can be 
> progressed. Please don't let a misunderstanding hold that process up.

Its not an mis-understanding.  There is nothing holding back DKIM but 
this constant interference with the reality.  Embrace and see how 
things change. What the factoid removal does is goes against chartered 
itemize goals of #2, #3 and #4.

> * It would be interesting to know what proportions of author addresses 
> were subdomains of the d= value, and vice-versa. Even to know if the 
> domains share common whois registrations (like foo.example.com and 
> bar.example.com) would be nice, though harder to do. Having said all 
> that, I have my own log files that I could analyze, so I'll shut up.

Your, all data would be welcomed too.

Soon I will have accumulated data as well.  Currently working out how 
to present them in our web-view of the statistics.  IOW, adding 
DKIM/POLICY related columns to these statistics:

      http://www.winserver.com/public/spamstats.wct

-- 
HLS



_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

v2.23.0 | Report a Bug | By Email