subject:"\[mailop\] DMARC\: Anyone using pct=n with n \!=0 and n \!=100\?"

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

2021-08-24 Thread A. Schulze via mailop


Am 23.08.2021 um 19:26 schrieb John R Levine:


yes, I mean the daily aggregated reports, we review them at all once a month


I'm confused.  Since the pct doesn't affect the reports, what's the point?
Once you get the number of failures low enough, just set pct=100 and be done 
with it.


sorry, that I'm  confusing :-)

I mean, we use our monthly review to decide if we're low enough.
Currently we aren't and still stay at pct=50

the question was "Anyone using pct=n with n !=0 and n !=100?"
and I answerd "yes, I do: datev.de/p=quarantine/pct=50"

Andreas


___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

2021-08-23 Thread John R Levine via mailop


On Mon, 23 Aug 2021, A. Schulze wrote:

Am 21.08.2021 um 20:30 schrieb John Levine:

It appears that A. Schulze via mailop  said:

We review the reports once per month and inverstigate findings
Depending on the current situation we plan to increase pct=


If you mean the DMARC aggregate and failure reports, are you aware that the 
pct=N setting

does not affect the reports at all?


yes, I mean the daily aggregated reports, we review them at all once a month


I'm confused.  Since the pct doesn't affect the reports, what's the point?
Once you get the number of failures low enough, just set pct=100 and be 
done with it.


Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

2021-08-22 Thread A. Schulze via mailop


Am 21.08.2021 um 20:30 schrieb John Levine:

It appears that A. Schulze via mailop  said:

We review the reports once per month and inverstigate findings
Depending on the current situation we plan to increase pct=


If you mean the DMARC aggregate and failure reports, are you aware that the 
pct=N setting
does not affect the reports at all?


yes, I mean the daily aggregated reports, we review them at all once a month
Andreas
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

2021-08-22 Thread Ralph Seichter via mailop

* Jaroslaw Rafa via mailop:

> No RFC *obligates* any recipient to honor DMARC *at all*.

Obviously, so why the emphasis? RFCs have only ever been attempts to
establish a reasonable consensus, or as Captain Barbossa put it, "a RFC
is more what you'd call 'guidelines' than actual rules."

> You cannot treat "not applying policies at all" as anything bad.

Actually, I can do whatever I please with my mail servers, as can other
entities. For example, Google won't accept our mail unless we properly
set up DMARC. That's their prerogative, and it does not matter if I like
it or not (I actually do). I choose not to accept mail from certain
dialup connections.

However, the freedom of choice is beside the point I was trying to
make. I wonder if a sending party is worse off if (a) their DMARC policy
is ignored altogether or (b) the policy is not honored in its entirety,
including a sampling percentage. For me personally, (b) is worse because
it might cause mail sent from my servers to not reach the intended
recipients.

-Ralph
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

2021-08-22 Thread Jaroslaw Rafa via mailop

Dnia 22.08.2021 o godz. 13:46:40 Ralph Seichter via mailop pisze:
> 
> Personally, I wonder what is the worse type of recipient: Those ignoring
> "pct=" and applying the policy to all emails or those not applying
> policies at all.

No RFC *obligates* any recipient to honor DMARC *at all*.
Nobody has any obligation to check SPF, DKIM or DMARC on incoming mail.
All these are *completely optional* and the fact that the sender does
publish the approppriate records in DNS and/or DKIM signs their message does
not obligate the recipient to check/verify this in any way.

You cannot treat "not applying policies at all" as anything bad. Ignoring
SPF/DKIM/DMARC is a completely normal behavior. It's just like a B&W monitor
ignoring the color signal, but still being compatible with the standards and
able to display the image. Or someone using a classical 2G mobile phone to
just make a voice call, ignoring the fact that the network can also carry
4G LTE (because he hasn't any need to use it).
-- 
Regards,
   Jaroslaw Rafa
   r...@rafa.eu.org
--
"In a million years, when kids go to school, they're gonna know: once there
was a Hushpuppy, and she lived with her daddy in the Bathtub."
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

2021-08-22 Thread Ralph Seichter via mailop

* Antonie Popovic via mailop:

> Sorry to break it to you, but the bad news about the pct tag is that
> not everyone respects it.

Indeed. In the case of DMARC, the receiving side is obviously always the
one to decide if (and which) actions are taken based on DMARC policies.

Personally, I wonder what is the worse type of recipient: Those ignoring
"pct=" and applying the policy to all emails or those not applying
policies at all.

-Ralph
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

2021-08-22 Thread Alessandro Vesely via mailop



There are (a minority of?) providers who don't respect the pct= tag, or treat 
it badly, as Toni says.  There are also users who misunderstand its meaning 
(pct=200).  Finally, some people don't believe in the efficiency of random 
sampling.  Based on these facts the dmarc-ietf WG wants to drop pct= and 
replace it with a new t= (for testing, valued y/n, where y should be similar to 
pct=0):

https://datatracker.ietf.org/doc/html/draft-ietf-dmarc-dmarcbis-03#appendix-A.7


If you disagree, join the WG and let your voice be heard.


Best

Ale


On Sat 21/Aug/2021 19:28:00 +0200 A. Schulze Via Mailop wrote:

Am 20.08.2021 um 04:48 schrieb John Levine via mailop:
It's mostly to assuage the fears of large senders that all their 
mail will
be trashed if they've set up something wrong, ime.  They can set it 
to 20%

and observe the consequences "just to be sure" before going to 100%.


That was the plan.  Do you know anyone who actually does that?

yes, we do for datev.de

we're on the way to more then p=none and
startet with "p=quarantine; pct=10 " more then year ago
March 2021 we set pct=25 and June 2021 pct=50

We review the reports once per month and inverstigate findings
Depending on the current situation we plan to increase pct=

After the last year we got a signifiant amount of attention.
Simply because we identified setups that break our plan.
We offer alternatives, give time for implementation and get positive 
feedback.


I'm optimistic to step forward up to pct=99 and finally p=reject.
but not this year :-)

Andreas

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

2021-08-21 Thread Antonie Popovic via mailop

Hi guys,

Sorry to break it to you, but the bad news about the pct tag is that not
everyone respects it. No matter what percentage you have some providers
will just apply your policy to the entire email traffic.

Have a great weekend,
Toni

On Sat, 21 Aug 2021, 19:38 A. Schulze via mailop  wrote:

> Am 20.08.2021 um 04:48 schrieb John Levine via mailop:
> >> It's mostly to assuage the fears of large senders that all their mail
> will
> >> be trashed if they've set up something wrong, ime.  They can set it to
> 20%
> >> and observe the consequences "just to be sure" before going to 100%.
> >
> > That was the plan.  Do you know anyone who actually does that?
> yes, we do for datev.de
>
> we're on the way to more then p=none and
> startet with "p=quarantine; pct=10 " more then year ago
> March 2021 we set pct=25 and June 2021 pct=50
>
> We review the reports once per month and inverstigate findings
> Depending on the current situation we plan to increase pct=
>
> After the last year we got a signifiant amount of attention.
> Simply because we identified setups that break our plan.
> We offer alternatives, give time for implementation and get positive
> feedback.
>
> I'm optimistic to step forward up to pct=99 and finally p=reject.
> but not this year :-)
>
> Andreas
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

2021-08-21 Thread John Levine via mailop

It appears that A. Schulze via mailop  said:
>Am 20.08.2021 um 04:48 schrieb John Levine via mailop:
>>> It's mostly to assuage the fears of large senders that all their mail will
>>> be trashed if they've set up something wrong, ime.  They can set it to 20%
>>> and observe the consequences "just to be sure" before going to 100%.
>> 
>> That was the plan.  Do you know anyone who actually does that?
>yes, we do for datev.de
>
>we're on the way to more then p=none and
>startet with "p=quarantine; pct=10 " more then year ago
>March 2021 we set pct=25 and June 2021 pct=50
>
>We review the reports once per month and inverstigate findings
>Depending on the current situation we plan to increase pct=

If you mean the DMARC aggregate and failure reports, are you aware that the 
pct=N setting
does not affect the reports at all?

R's,
John
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

2021-08-21 Thread A. Schulze via mailop


Am 20.08.2021 um 04:48 schrieb John Levine via mailop:

It's mostly to assuage the fears of large senders that all their mail will
be trashed if they've set up something wrong, ime.  They can set it to 20%
and observe the consequences "just to be sure" before going to 100%.


That was the plan.  Do you know anyone who actually does that?

yes, we do for datev.de

we're on the way to more then p=none and
startet with "p=quarantine; pct=10 " more then year ago
March 2021 we set pct=25 and June 2021 pct=50

We review the reports once per month and inverstigate findings
Depending on the current situation we plan to increase pct=

After the last year we got a signifiant amount of attention.
Simply because we identified setups that break our plan.
We offer alternatives, give time for implementation and get positive feedback.

I'm optimistic to step forward up to pct=99 and finally p=reject.
but not this year :-)

Andreas

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

2021-08-20 Thread Zack Aab via mailop

>Do you know anyone who actually does that?
Our clients do when we set them up with DMARC.
*Zack Aab* (He/Him)
Deliverability, Tech Lead, Trendline Interactive
*O* +1 (512) 717-4097 <+15127174097> | *C* +1 (404) 317-6729 <+14043176729>
| *W* trendlinei.com 


On Thu, Aug 19, 2021 at 10:48 PM John Levine  wrote:

> It appears that Zack Aab via mailop  said:
> >
> >It's mostly to assuage the fears of large senders that all their mail will
> >be trashed if they've set up something wrong, ime.  They can set it to 20%
> >and observe the consequences "just to be sure" before going to 100%.
>
> That was the plan.  Do you know anyone who actually does that?
>
> R's,
> John
>
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

2021-08-20 Thread Alessandro Vesely via mailop


On Thu 19/Aug/2021 18:22:30 +0200 Jesper wrote:

What do domain owners expect from an intermediate value of pct=?


[...] Those who removed the DMARC record probably got more
fail-reports than expected and panicked.


Uh, right...  Perhaps they thought deleting records spreads quicker 
than changing.



Thanks to all for the feedback!

Best
Ale
--













___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

2021-08-19 Thread Faisal Misle via mailop

All of my customers do. We have them ramp up in their policy slowly over 4ish 
weeks to see if any missed sources get quarantined.

On Thu, Aug 19, 2021 at 9:48 PM, John Levine via mailop  
wrote:

> It appears that Zack Aab via mailop  said:
>>
>>It's mostly to assuage the fears of large senders that all their mail will
>>be trashed if they've set up something wrong, ime. They can set it to 20%
>>and observe the consequences "just to be sure" before going to 100%.
>
> That was the plan. Do you know anyone who actually does that?
>
> R's,
> John
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

2021-08-19 Thread John Levine via mailop

It appears that Zack Aab via mailop  said:
>
>It's mostly to assuage the fears of large senders that all their mail will
>be trashed if they've set up something wrong, ime.  They can set it to 20%
>and observe the consequences "just to be sure" before going to 100%.

That was the plan.  Do you know anyone who actually does that?

R's,
John
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

2021-08-19 Thread Zack Aab via mailop

It's mostly to assuage the fears of large senders that all their mail will
be trashed if they've set up something wrong, ime.  They can set it to 20%
and observe the consequences "just to be sure" before going to 100%.
*Zack Aab* (He/Him)
Deliverability, Tech Lead, Trendline Interactive
*O* +1 (512) 717-4097 <+15127174097> | *C* +1 (404) 317-6729 <+14043176729>
| *W* trendlinei.com 

On Thu, Aug 19, 2021 at 11:50 AM Alessandro Vesely via mailop <
mailop@mailop.org> wrote:

> Hi all,
>
> I've seen a few DMARC records having pct=20 or similar.  At a later
> time some of those domains evolved to pct=100, other removed the DMARC
> record completely.  I'm not clear what is the intended use of such values.
>
> What do domain owners expect from an intermediate value of pct=?
>
> Anyone?
>
> Best
> Ale
> --
>
>
>
>
>
>
>
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

2021-08-19 Thread John Levine via mailop

It appears that Alessandro Vesely via mailop  said:
>Hi all,
>
>I've seen a few DMARC records having pct=20 or similar.  At a later 
>time some of those domains evolved to pct=100, other removed the DMARC 
>record completely.  I'm not clear what is the intended use of such values.
>
>What do domain owners expect from an intermediate value of pct=?

To make it clear, we know what the RFC says.  (Some of us even helped
write it.)  What we are wondering is what pct=N values people actually
use, and in particular if N is not 0 or 100, why did you pick that
number.

R's,
John
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

2021-08-19 Thread Jesper via mailop


> What do domain owners expect from an intermediate value of pct=?

https://dmarcian.com/pct-tag/

So, if there are no issues - raise to 100 (or remove pct). Those who 
removed the DMARC record probably got more fail-reports than expected 
and panicked.


___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

2021-08-19 Thread Ralph Seichter via mailop

* Alessandro Vesely via mailop:

> I've seen a few DMARC records having pct=20 or similar.  At a later 
> time some of those domains evolved to pct=100, other removed the DMARC 
> record completely. I'm not clear what is the intended use of such values.
>
> What do domain owners expect from an intermediate value of pct=?

RFC 7489 section B.2.4 offers [1] an example for pct=25:

  25% of messages from this Organizational Domain are subject to action
  based on this policy ("pct=25")

This means one could for example use "p=reject; pct=1;" to test a reject
policy with only 1 in 100 detected DMARC verification failures causing
an actual rejection. At least that's the theory.

[1] https://datatracker.ietf.org/doc/html/rfc7489#appendix-B.2.4

-Ralph
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

[mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

2021-08-19 Thread Alessandro Vesely via mailop


Hi all,

I've seen a few DMARC records having pct=20 or similar.  At a later 
time some of those domains evolved to pct=100, other removed the DMARC 
record completely.  I'm not clear what is the intended use of such values.


What do domain owners expect from an intermediate value of pct=?

Anyone?

Best
Ale
--








___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

Re: [mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

[mailop] DMARC: Anyone using pct=n with n !=0 and n !=100?

19 matches

Site Navigation

Mail list logo

Footer information