On 2017 Jan 31, 05:59, Jim Popovitch wrote: > On Sat, Jan 28, 2017 at 1:49 AM, Dave Warren wrote: > > On Fri, Jan 27, 2017, at 04:23, Jim Popovitch wrote: > > > >> But what can you do about it? What is the "value" of having that > >> information, and what is the "cost" of capturing it? > > > > To me, the value of these reports is pre-deployment, by carefully > > reviewing the reports you can identify any legitimate sources of mail > > which are not properly signed and aligned. > > I rolled out additional DMARC support for Mailman (outbound alignment) > recently, and to be honest I'm not yet convinced that all receivers > have a clue when verifying alignment... so it makes it much more > difficult, for me, to trust the data. So... imho it's a waste of > time/effort building an archive of suspect data until faith can be > established in what is reported.
So what exactly did you do to "roll out additional DMARC support" in your Mailman setup? I don't see why you suspect receivers of your mailing list traffic are doing it wrong when checking it for DMARC. Mailing list traffic is prone to fail DMARC checks in subtle ways. > Here's a few examples for the same email: > > Hotmail gets it right: > http://domainmail.org/dmarc-reports/hotmail.com%21netcoolusers.org%211485698400%211485784800.xml > > ItaliaOnline gets it right: > http://domainmail.org/dmarc-reports/italiaonline.it%21netcoolusers.org%211485778386%211485778386.xml > > VirginMedia gets it wrong: > http://domainmail.org/dmarc-reports/virginmedia.co.uk%21netcoolusers.org%211485734404%211485820804.xml > > CSP-Net gets it wrong: > http://domainmail.org/dmarc-reports/bechu-vir0001.csp-net.ch%21netcoolusers.org%211485730804%211485817204.xml I see in those samples you provide that DKIM is failing for some messages. Could it be that some subscriber(s) to your mailing list has set up some kind of subject-tagging and ulterior forwarding when he receives your mailing list messages? > So it's 50/50 for the same small sample of list traffic. Do I care, > sure! If someone from Virgin Media or CSP-Net wants to explain the > failures (or send me the RUFs that I already ask for) then I am all > ears. Until then, I remain a skeptic. ;-) Skeptic about what: about those receivers ability to properly check DMARC, or about the usefulness to you of DMARC reporting? It seems to me that DMARC reporting is all about statistics, and for statistics to be relevant you have to drown down the noise, and for that you need to have a big enough sample. The samples you provided are very small in the quantity of messages reported, so it could well be that you are seeing noise just now, and that you need a much bigger sample to reap the value of DMARC reporting. For example, see bullet point 3 here to read about the true value of DMARC reporting: https://blogs.msdn.microsoft.com/tzink/2016/09/27/how-we-moved-microsoft-com-to-a-pquarantine-dmarc-record/ Bye. -- Peter Gonzalez _______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
