Opened 8 years ago

Closed 18 months ago

#5 closed defect (wontfix)

Definition of "pct" parameter

Reported by: superuser@… Owned by: todd.herr@…
Priority: major Milestone: Deliverable #3 (changes to DMARC base spec + DMARC Usage Guide
Component: dmarc-bis Version:
Severity: - Keywords:
Cc:

Description

Message-ID: <54AB056C.2090101@…>
Date: Mon, 05 Jan 2015 13:43:08 -0800
From: Jim Fenton <fenton@…>
To: "dmarc@…" <dmarc@…>
Subject: [dmarc-ietf] Comments on dmarc-base-09

[...]
Section 5.3, definition of pct: parameter: "However, this MUST NOT be
applied to the DMARC-generated reports, all of which must be sent and
received unhindered." This is strong normative language, but there is no
procedure specified anywhere for how to identify a DMARC-generated
report in order to apply this requirement. Consider the possibility that
bad actors may try to craft messages to look like DMARC reports.
[...]

Change History (5)

comment:1 Changed 5 years ago by kboth+ietf@…

  • Component set to dmarc-future-notes

comment:2 Changed 19 months ago by todd.herr@…

  • Component changed from dmarc-future-notes to dmarc-bis

comment:3 Changed 19 months ago by todd.herr@…

  • Owner set to todd.herr@…
  • Status changed from new to accepted

In keeping with ticket 47, I recommend that the following text be removed:

pct:
:   (plain-text integer between 0 and 100, inclusive; OPTIONAL;
default is 100).  Percentage of messages from the Domain Owner's
mail stream to which the DMARC policy is to be applied.  However,
this MUST NOT be applied to the DMARC-generated reports, all of
which must be sent and received unhindered.  The purpose of the
"pct" tag is to allow Domain Owners to enact a slow rollout
enforcement of the DMARC mechanism.  The prospect of "all or
nothing" is recognized as preventing many organizations from
experimenting with strong authentication-based mechanisms.  See
(#message-sampling) for details.  Note that random selection based on
this percentage, such as the following pseudocode, is adequate:

    if (random mod 100) < pct then
      selected = true
    else
      selected = false
Version 0, edited 19 months ago by todd.herr@… (next)

comment:4 Changed 19 months ago by todd.herr@…

Valimail data on 22 March 2021:

74790 DMARC records examined
 5548 have pct= tag
 5066 of those with pct= defined have pct=100
  482 of those with pct= defined have pct= other than 100
   53 of those with pct= defined have pct=0

comment:5 Changed 18 months ago by todd.herr@…

  • Resolution set to wontfix
  • Status changed from accepted to closed

Ticket #47 (remove pct= tag) overrides this one, so closing this one.

Note: See TracTickets for help on using tickets.