Rolf - While I can't release specific data, I can confirm that as a major sender we carefully evaluated the risk/reward calculation and came to the same conclusion that Paul indicated.
I'm sure that every deployer will want to run their own analysis to determine their own threshold of acceptable mistakes, but we determined that significantly less than 1% of our email was effected. As such, the benefits far outstripped the concerns. By a considerable margin. As always, YMMV, Trent On 3/12/14 6:15 PM, Paul Midgen wrote: > Hi Rolf, > > I will try to dig up what I presented at MAAWG while still a Hotmail > employee, if it is something that can be released outside the membership. > > What would be far better is if the current folks in anti-spam/delivery > roles at Outlook, Gmail, and so on could release current data. I know > they're on this list, would love to see them refresh the data. ;) > > -p > > > On Wed, Mar 12, 2014 at 4:33 PM, Rolf E. Sonneveld > <[email protected] <mailto:[email protected]>> wrote: > > Hi, Paul, > > On 03/12/2014 02:11 AM, Paul Midgen wrote: > > Hey Jonas, > > > > Well-written article, thanks for putting it out there and > advocating > > folks use DMARC. > > > > One request, if you ever amend/update the article, and specifically > > since you're speaking to high-volume receivers, is to qualify the > > remarks regarding use of forensic reporting with the point the core > > DMARC contributors have been making: make an informed decision > based > > on your knowledge of the sort of traffic you receive; use local > policy > > to inform the decision to apply strong policies or send forensic > > reports, as well as drive the level of redaction applied to such > reports. > > > > Advocating that high-volume receivers turn off forensic > reporting due > > to concerns of list membership leakage is also an argument for not > > honoring quarantine and reject policies, which some of the > high-volume > > receivers participating in the development phase of DMARC showed > > rather exhaustively to be safe when selectively applied based on > local > > policy. > > > > The same research also showed that the benefit realized by > reduction > > in exposure to email-borne threats outweighed the risk of loss > in what > > amounted to a fraction of a percent of the total post-filter > traffic > > received by such domains. > > Can you please provide a pointer to the research report? I'm eager to > learn how these risks and benefits are computed and I'm interested to > learn exact figures about loss of legitimate mail due to DMARC reject > policies. > > Regards, > /rolf > > > > > _______________________________________________ > dmarc-discuss mailing list > [email protected] > http://www.dmarc.org/mailman/listinfo/dmarc-discuss > > NOTE: Participating in this list means you agree to the DMARC Note Well terms > (http://www.dmarc.org/note_well.html) -- J. Trent Adams Profile: http://www.mediaslate.org/jtrentadams/ LinkedIN: http://www.linkedin.com/in/jtrentadams Twitter: http://twitter.com/jtrentadams _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
