Re: [dmarc-ietf] Does Aggregate Reporting meet "Internet Scale" test?

Sun, 11 Dec 2022 23:58:41 -0800
The worst case is a little worse than doubling the traffic. Consider the case that global traffic consists of N messages. It may happen that they are all for different <recipient domain, sending domain> pairs. In that case we have N aggregate reports, for 2N global traffic. 



It can be a little worse than that if we consider that part or all of the 
original N messages can be aggregate reports themselves.  (This should be 
avoided by sending reports from a subdomain which has a DMARC record with 
no rua= tag.)




Anyway, the point that traffic is bounded by a polynomial tells us that 
it's feasible, according to complexity theory.



Best

Ale



On Mon 05/Dec/2022 23:01:17 +0100 Douglas Foster wrote:

I began wondering if Aggregate Reporting works only because DMARC has been 
embraced by a small portion of domain owners.



1) Is Aggregate Reporting a significant portion of all mail?  In some 
cases, Yes.


My organization's data:
Inbound volume is 11 times greater than my outbound volume.
Inbound mail has 1 new domain for every 5 messages


Net result:   If I were to do reporting, and reporting became requested for 
most or all domains, my outbound mail volume would triple, because my 
outbound report volume would be twice as large as my outbound business mail 
volume.


2) Is Aggregate Reporting efficient?   Restating previous concerns:

"All Signature" reporting means:
We keep evaluating even after successful authentication has been established,
so that we can capture and store data of little actual value,
even though it causes reduced aggregation and longer reports.

"No Problems found, No changes found" reporting means:
We send redundant reports day after day.

"All Requesters" reporting means:

We send reports even to domain owners that were blocked because of domain 
reputation.



A good place to start would be to extend the reporting interval for 
no-problem-found reports.


Doug Foster



_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc


_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc























					Reply via email to