Colleagues, We looked at data covering a time period of several months and more than a quarter of a trillion DMARC pass results to get a sense for the impact of what a change to DKIM-only might mean for DMARC. Here's what we found.
- 3.65% of all DMARC passes recorded had only an aligned SPF pass - 1.35% of all DMARC passes recorded had only an aligned SPF pass and no DKIM signature - 2.28% of all DMARC passes recorded with p=quarantine or p=reject had only an aligned SPF pass - 0.89% of all DMARC passes recorded with p=quarantine or p=reject had only an aligned SPF pass and no DKIM signature Relatively small percentages, I'll grant you, but rather a large sample size. As for domains, looking across many tens of thousands of domains... - For 60% of all domains with DMARC pass verdicts, at least some of those passes had only an aligned SPF pass - For 32.7% of all domains with DMARC pass verdicts, at least some of those passes had only an aligned SPF pass and the prevailing DMARC policy was either quarantine or reject We also found that of the mailing services used by our customers that we refer to as "configurable" (meaning that they support one or both of an aligned SPF and aligned DKIM configuration), 44.2% of those configurable services currently only support aligned SPF. We also found that among our customers who use these services that only support aligned SPF, the average number of such services used is three. When I look at these numbers (and others that have been presented on this list) I see more evidence of what Mr. Kitterman termed "poor deployments of the protocol(s)", and I believe those problems should be fixed. I just don't think that changing the DMARC protocol to force the fix is the right way to go here. -- *Todd Herr * | Technical Director, Standards & Ecosystem *e:* [email protected] *p:* 703-220-4153 *m:* 703.220.4153 This email and all data transmitted with it contains confidential and/or proprietary information intended solely for the use of individual(s) authorized to receive it. If you are not an intended and authorized recipient you are hereby notified of any use, disclosure, copying or distribution of the information included in this transmission is prohibited and may be unlawful. Please immediately notify the sender by replying to this email and then delete it from your system.
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
