Hi Rolf,
I will try to dig up what I presented at MAAWG while still a Hotmail employee,
if it is something that can be released outside the membership.
What would be far better is if the current folks in anti-spam/delivery roles at
Outlook, Gmail, and so on could release current data. I know they're on this
list, would love to see them refresh the data. ;)
-p
On Wed, Mar 12, 2014 at 4:33 PM, Rolf E. Sonneveld
<[email protected]> wrote:
> Hi, Paul,
> On 03/12/2014 02:11 AM, Paul Midgen wrote:
>> Hey Jonas,
>>
>> Well-written article, thanks for putting it out there and advocating
>> folks use DMARC.
>>
>> One request, if you ever amend/update the article, and specifically
>> since you're speaking to high-volume receivers, is to qualify the
>> remarks regarding use of forensic reporting with the point the core
>> DMARC contributors have been making: make an informed decision based
>> on your knowledge of the sort of traffic you receive; use local policy
>> to inform the decision to apply strong policies or send forensic
>> reports, as well as drive the level of redaction applied to such reports.
>>
>> Advocating that high-volume receivers turn off forensic reporting due
>> to concerns of list membership leakage is also an argument for not
>> honoring quarantine and reject policies, which some of the high-volume
>> receivers participating in the development phase of DMARC showed
>> rather exhaustively to be safe when selectively applied based on local
>> policy.
>>
>> The same research also showed that the benefit realized by reduction
>> in exposure to email-borne threats outweighed the risk of loss in what
>> amounted to a fraction of a percent of the total post-filter traffic
>> received by such domains.
> Can you please provide a pointer to the research report? I'm eager to
> learn how these risks and benefits are computed and I'm interested to
> learn exact figures about loss of legitimate mail due to DMARC reject
> policies.
> Regards,
> /rolf
_______________________________________________
dmarc-discuss mailing list
[email protected]
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms
(http://www.dmarc.org/note_well.html)
