Alessandro writes in defense of PCT

Assume a sender has some feedback mechanisms, such as 5yz SMTP replies, delivery notifications, return receipts or web-based actions. This sender sends transactional messages, but is concerned about authentication errors that happen in an apparently random fashion. Errors can depend on internal software or on external forwarders which unwittingly break DKIM signatures. Relying on feedback, as soon as the sender recognizes that delivery failed, it repeats sending the same message several times until, by chance, it gets a toss greater than 80.

PCT could work IF evaluators are willing and able to send a Temporary Error result (probably 451), instead of a permanent error, when

- a DMARC verification fails,
- the message is not unconditionally blocked or accepted on other criteria, and
- the sender's PCT is between 1 and 99.

The result should include an extended status code in the 4.7.2x range.

This approach assumes that the temporary error status will cause the sender to retry multiple times over an extended period. Based on observed configurations, this probably works out to at least 10 attempts.

In most cases, the PCT formula will cause the message to be accepted after a delay, which is a result equivalent to PCT=0.

Assuming that the message is wanted, the delay is likely to be noticed by both sender and receiver, leading to communication between the parties and corrective action which prevents a reoccurrence.

Assuming that the message is from a lazy spammer, the retries may not happen, but the event can still appear in the logs (if evaluators track and report the temporary errors).

Doug Foster
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
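The following Python sketch is an added example, not part of the original message or of any DMARC implementation. It models the evaluator rule proposed above and computes how often a DMARC-failing message gets through when the sender retries. Assumptions: each attempt gets an independent toss in 1..100, a toss above PCT means the message is accepted (as the message treats it), PCT=100 yields a permanent 550, and the function names and bare reply strings are illustrative.

```python
import random

TEMPFAIL = "451 4.7.2x"   # the message gives only the 4.7.2x range, no exact code
ACCEPT = "250"
REJECT = "550"

def evaluate(dmarc_pass, pct, toss, other_verdict=None):
    """Reply for one delivery attempt; toss is the evaluator's draw in 1..100."""
    if other_verdict in (ACCEPT, REJECT):    # already decided on other criteria
        return other_verdict
    if dmarc_pass or pct == 0:               # nothing to enforce
        return ACCEPT
    if pct == 100:                           # assumption: policy always applied
        return REJECT
    # 1 <= pct <= 99: a toss above pct escapes the policy, otherwise temp-fail
    return ACCEPT if toss > pct else TEMPFAIL

def p_accepted_within(pct, attempts):
    """Probability a DMARC-failing message is accepted within `attempts` tries."""
    return 1 - (pct / 100) ** attempts

def deliver(pct, max_attempts, rng):
    """Simulate a retrying sender; return the accepted attempt number or None."""
    for n in range(1, max_attempts + 1):
        reply = evaluate(False, pct, rng.randint(1, 100))
        if reply == ACCEPT:
            return n
        if reply == REJECT:                  # permanent error: sender gives up
            return None
    return None                              # retries exhausted while deferred

def simulate(pct, max_attempts, trials, seed=0):
    """Fraction of constructed failing messages accepted within max_attempts."""
    rng = random.Random(seed)
    ok = sum(deliver(pct, max_attempts, rng) is not None for _ in range(trials))
    return ok / trials

if __name__ == "__main__":
    for attempts in (1, 3, 10):
        print(attempts, "attempts:", round(p_accepted_within(80, attempts), 3))
    print("simulated, 10 attempts:", simulate(80, 10, 20000))
```

With PCT=80 and the 10 attempts estimated in the message, roughly nine in ten failing messages are accepted after a delay; the deferrals that precede acceptance are the events an evaluator would log and report.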