Participating, I have data that I believe points to a long tail of businesses who predominantly only authenticate on behalf of others using SPF, and would be harmed by such a change. It will take me a little while to confirm and share.
I also know a predominant ccTLD with millions of registrations, that has SPF on roughly 80% of them, but DMARC on barely 5%. I don't have data on DKIM for those, but I assume it's closer to the DMARC penetration than the SPF one. I'll see if I can get this data to share more publically, and also get the DKIM answer. Of course the goal is aligned dkim with a stated policy, but I don't think the data supports us being anywhere close to that realistically. As Chair, this is a valuable conversation to have with real data on problems and opportunities at scale, and am excited to see Tobias share and see what others have to say. Seth On Thu, Jun 8, 2023 at 3:21 PM Murray S. Kucherawy <superu...@gmail.com> wrote: > On Thu, Jun 8, 2023 at 6:00 AM Tobias Herkula <tobias.herkula= > 401und1...@dmarc.ietf.org> wrote: > >> My team recently concluded an extensive study on the current use and >> performance of DMARC. We analyzed a staggering 3.2 billion emails, and the >> insights drawn are quite enlightening. Of these, 2.2 billion emails >> (approximately 69%) passed the DMARC check successfully. It's quite an >> achievement, reflective of our collective hard work in fostering a safer, >> more secure email environment. >> >> >> >> However, upon further analysis, it's evident that a mere 1.6% (or >> thirty-six million) of these DMARC-passed emails relied exclusively on the >> Sender Policy Framework (SPF) for validation. This is a remarkably low >> volume compared to the overall DMARC-passed traffic, raising questions >> about SPF's relevancy and the load it imposes on the DNS systems. >> >> >> >> Given the current use case scenarios and the desire to optimize our >> resources, I propose that we explore the possibility of removing the SPF >> dependency from DMARC. This step could result in a significant reduction in >> DNS load, increased efficiency, and an accurate alignment with our >> predominant use cases. >> >> [...] >> > > Does anyone have consonant (or dissonant) data? > > -MSK, participating > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc > -- *Seth Blank * | Chief Technology Officer *e:* s...@valimail.com *p:* 415.273.8818 This email and all data transmitted with it contains confidential and/or proprietary information intended solely for the use of individual(s) authorized to receive it. If you are not an intended and authorized recipient you are hereby notified of any use, disclosure, copying or distribution of the information included in this transmission is prohibited and may be unlawful. Please immediately notify the sender by replying to this email and then delete it from your system.
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
