Closed ietf-svn-bot closed 3 years ago
@kboth+ietf@drkurt.com set component to dmarc-future-notes
@todd.herr@valimail.com changed component from dmarc-future-notes
to dmarc-bis
@todd.herr@valimail.com changed status from new
to accepted
@todd.herr@valimail.com set owner to todd.herr@valimail.com
@todd.herr@valimail.com commented
In keeping with ticket #47, I recommend that the following text be removed:
pct:
: (plain-text integer between 0 and 100, inclusive; OPTIONAL;
default is 100). Percentage of messages from the Domain Owner's
mail stream to which the DMARC policy is to be applied. However,
this MUST NOT be applied to the DMARC-generated reports, all of
which must be sent and received unhindered. The purpose of the
"pct" tag is to allow Domain Owners to enact a slow rollout
enforcement of the DMARC mechanism. The prospect of "all or
nothing" is recognized as preventing many organizations from
experimenting with strong authentication-based mechanisms. See
(#message-sampling) for details. Note that random selection based on
this percentage, such as the following pseudocode, is adequate:
if (random mod 100) < pct then
selected = true
else
selected = false
@todd.herr@valimail.com changed _comment0 which not transferred by tractive
@todd.herr@valimail.com commented
Valimail data on 22 March 2021:
74790 DMARC records examined
5548 have pct= tag
5066 of those with pct= defined have pct=100
482 of those with pct= defined have pct= other than 100
53 of those with pct= defined have pct=0
@todd.herr@valimail.com changed status from accepted
to closed
@todd.herr@valimail.com set resolution to wontfix
@todd.herr@valimail.com commented
Ticket #47 (remove pct= tag) overrides this one, so closing this one.
owner:todd.herr@valimail.com
resolution_wontfix
type_defect
| by superuser@gmail.comMessage-ID: 54AB056C.2090101@bluepopcorn.net Date: Mon, 05 Jan 2015 13:43:08 -0800 From: Jim Fenton fenton@bluepopcorn.net To: "dmarc@ietf.org" dmarc@ietf.org Subject: [dmarc-ietf] Comments on dmarc-base-09
[...] Section 5.3, definition of pct: parameter: "However, this MUST NOT be applied to the DMARC-generated reports, all of which must be sent and received unhindered." This is strong normative language, but there is no procedure specified anywhere for how to identify a DMARC-generated report in order to apply this requirement. Consider the possibility that bad actors may try to craft messages to look like DMARC reports. [...]
Issue migrated from trac:5 at 2022-01-24 16:13:48 +0000