Re: [dmarc-ietf] non-mailing list use case for differing header domains

Thu, 30 Jul 2020 18:03:13 -0700 

On 30 Jul 2020, at 15:52, Jim Fenton wrote:


There's an underlying assumption here that I don't agree with: that
DMARC adoption equates to the publication of a p=reject DMARC policy,
and that everyone (or at least all Fortune 500 companies) should be
doing that. p=reject should only be used when the usage patterns of the domain support that policy. I'm more inclined to say that 85% of Fortune 500 companies are savvy enough not to publish a policy that doesn't fit 
their usage patterns.


I am currently observing ~215.5 million domain names. Out of those, ~64

 million have a seemingly _valid_ SPF record and ~113 million with at 
least one MX record.



This is a current breakdown of the (valid) DMARC records I am observing 
over the general domain population above. This amounts to an adoption 
rate of ~1.7%.


|    p       |  count  |
| :--------- | ------: |
| none       | 2715614 |
| quarantine |  238584 |
| reject     |  726045 |


It is interesting that roughly half of those are not taking advantage of 
the reporting. Here are the counts for those with neither `rua=` nor 
`ruf=` in the DMARC records:


|    p       |  count  |
| :--------- | ------: |
| none       | 1092990 |
| quarantine |  107767 |
| reject     |  307614 |


I do not have a definitive list of Fortune 500 domain names, but I 
compile a rolling list of domain names with most traffic using multiple 
sources, which currently holds ~1.8 million unique domain names.



The breakdown of DMARC records from that high-traffic population is 
shown below, and it amounts to about 6.3%.


|    p       | count |
| :--------- | ----: |
| none       | 79367 |
| quarantine | 18094 |
| reject     | 15875 |


For completeness, here is the same report, counting only those that have 
neither `rua=` nor `ruf=` in the DMARC record. The ratio of _silent_ 
`p=quarantine` and `p=reject` seems around half as in the case of the 
general population.


|    p       | count |
| :--------- | ----: |
| none       | 32561 |
| quarantine |  4534 |
| reject     |  2760 |


It would seem that those high-traffic domains are ~5x more likely to 
adopt DMARC. To me, these numbers speaks of thoughtful and deliberate 
deployment that outpaces the general domain name registrations.



That said, I cannot claim whether the list of high-traffic domains is 
actually a good proxy for the domain portfolio of the Fortune 500 
companies.


Best regards

-lem


_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc

























					Reply via email to