[Top] [All Lists]

Re: [ietf-smtp] ietf-smtp(_at_)ietf(_dot_)org and DMARC with p=quarantine; pct=0

2019-01-25 15:47:07
Hello Kurt,

somebody wrote somewhere (I can search for this statement if necesssary), that 
p=quarantine; pct=0; is the way to test, whether the DMARC setup is working 
correctly and get failure reports.

So the difference between p=quarantine; pct=0;  and p=none is that in the 
former case a verification of a presumably ready setup is done.  During this 
verification, I think, From: ( should be changed by MLMs, as if pct 
wasn’t zero, in order to be sure that things will continue to run smoothly once 
pct is increased.

With other words, pct being present, zero or absent has no impact on the 
non-aggregate failure reports per message.

There is no such thing as “level”: quarantine is not one level less that reject.


On January 25, 2019 9:06:21 PM GMT+01:00, "Kurt Andersen (b)" 
<kboth(_at_)drkurt(_dot_)com> wrote:
On Fri, Jan 25, 2019 at 1:29 AM Дилян Палаузов

DNS TXT contains “v=DMARC1; p=quarantine; pct=0;
rua=mailto:akamai(_at_)rua(_dot_)agari(_dot_)com, mailto:
The MLM does not rewrite From:.  Delivering the
email to the mailing lists recipients leads to failed DMARC and a
aggregated) report is generated per delivered

Shouldn’t ietf-smtp(_at_)ietf(_dot_)org change the From:, when for the domain
p=quarantine is set, just as for p=reject, in order
to avoid generating useless reports, and ensuring delivered emails?
(Handling “quarantine” as “reject” on the
recipients’ side is not neccesary wrong).

Based on the definition of how "pct" is handled, 0% of the messages
through DMARC evaluation should be affected. The DMARC spec says:

(6.3) Percentage of messages from the Domain Owner's mail stream to
the DMARC policy is to be applied.  However,

(6.6.4) If the "pct" tag is present in the policy record, the Mail
MUST NOT enact the requested policy ("p" tag or "sp" tag") on more than
stated percent of the totality of affected messages.

When implementers are doing "funny stuff" like selectively manipulating
from addresses, it is debatable as to what the absolute "right" thing
since the definition of non-sampled message treatment is one level less
than the "p=" specification - in this case that would be "none".

ietf-smtp mailing list