ietf-wg-dmarc / dmarc-draftissues


Definition of "pct" parameter #5

Closed ietf-svn-bot closed 3 years ago

ietf-svn-bot commented 9 years ago

owner:todd.herr@valimail.com resolution_wontfix type_defect | by superuser@gmail.com


Message-ID: 54AB056C.2090101@bluepopcorn.net
Date: Mon, 05 Jan 2015 13:43:08 -0800
From: Jim Fenton fenton@bluepopcorn.net
To: "dmarc@ietf.org" dmarc@ietf.org
Subject: [dmarc-ietf] Comments on dmarc-base-09

[...] Section 5.3, definition of pct: parameter: "However, this MUST NOT be applied to the DMARC-generated reports, all of which must be sent and received unhindered." This is strong normative language, but there is no procedure specified anywhere for how to identify a DMARC-generated report in order to apply this requirement. Consider the possibility that bad actors may try to craft messages to look like DMARC reports. [...]


Issue migrated from trac:5 at 2022-01-24 16:13:48 +0000

ietf-svn-bot commented 6 years ago

@kboth+ietf@drkurt.com set component to dmarc-future-notes

ietf-svn-bot commented 3 years ago

@todd.herr@valimail.com changed component from dmarc-future-notes to dmarc-bis

ietf-svn-bot commented 3 years ago

@todd.herr@valimail.com changed status from new to accepted

ietf-svn-bot commented 3 years ago

@todd.herr@valimail.com set owner to todd.herr@valimail.com

ietf-svn-bot commented 3 years ago

@todd.herr@valimail.com commented


In keeping with ticket #47, I recommend that the following text be removed:

pct:
:   (plain-text integer between 0 and 100, inclusive; OPTIONAL;
default is 100).  Percentage of messages from the Domain Owner's
mail stream to which the DMARC policy is to be applied.  However,
this MUST NOT be applied to the DMARC-generated reports, all of
which must be sent and received unhindered.  The purpose of the
"pct" tag is to allow Domain Owners to enact a slow rollout
enforcement of the DMARC mechanism.  The prospect of "all or
nothing" is recognized as preventing many organizations from
experimenting with strong authentication-based mechanisms.  See
(#message-sampling) for details.  Note that random selection based on
this percentage, such as the following pseudocode, is adequate:

    if (random mod 100) < pct then
      selected = true
    else
      selected = false
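
Added example, not part of the original thread or of the DMARC draft: a receiver-side sketch of the quoted "pct" definition, showing the default of 100, the 0 to 100 bound, and the sampling rule from the pseudocode. The names `parse_pct`, `is_selected` and `sample_rate` and the sample records are constructed for illustration; falling back to the default when the value is malformed is an assumption of this sketch.

```python
import random

def parse_pct(record: str) -> int:
    """Return the effective pct of a DMARC policy record (default 100)."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC policy record")
    raw = tags.get("pct")
    if raw is None:
        return 100                      # tag absent: policy applies to all mail
    # Plain-text integer only; the length cap rejects absurdly long digit runs.
    if not (raw.isascii() and raw.isdigit() and len(raw) <= 3):
        return 100                      # assumption: malformed value -> default
    value = int(raw)
    return value if 0 <= value <= 100 else 100

def is_selected(pct: int, draw: int) -> bool:
    """The quoted pseudocode: selected when (random mod 100) < pct."""
    return (draw % 100) < pct

def sample_rate(record: str, messages: int, seed: int = 0) -> float:
    """Fraction of `messages` simulated messages the policy is applied to."""
    rng = random.Random(seed)           # seeded so the run is repeatable
    pct = parse_pct(record)
    hits = sum(is_selected(pct, rng.randrange(2**32)) for _ in range(messages))
    return hits / messages

if __name__ == "__main__":
    # Constructed sample records, not taken from any real domain.
    for rec in ("v=DMARC1; p=reject",
                "v=DMARC1; p=quarantine; pct=25",
                "v=DMARC1; p=reject; pct=0",
                "v=DMARC1; p=reject; pct=250"):
        print(f"{rec!r}: pct={parse_pct(rec)} rate={sample_rate(rec, 10000):.3f}")
```
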

ietf-svn-bot commented 3 years ago

@todd.herr@valimail.com changed _comment0 which not transferred by tractive

ietf-svn-bot commented 3 years ago

@todd.herr@valimail.com commented


Valimail data on 22 March 2021:

74790 DMARC records examined
 5548 have pct= tag
 5066 of those with pct= defined have pct=100
  482 of those with pct= defined have pct= other than 100
   53 of those with pct= defined have pct=0

ietf-svn-bot commented 3 years ago

@todd.herr@valimail.com changed status from accepted to closed

ietf-svn-bot commented 3 years ago

@todd.herr@valimail.com set resolution to wontfix

ietf-svn-bot commented 3 years ago

@todd.herr@valimail.com commented


Ticket #47 (remove pct= tag) overrides this one, so closing this one.