Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In message , Douglas Foster writes >* The 5% with inconsistent results need further investigation. > Perhaps a server farm has one server that is generating wrong > signatures. more likely the email has been "fixed up" by a transport layer after the signature was calculated. Start by looking for patterns such as accented characters in the Subject header field or the RFC5322 From header field (where Unicode stand-alone accents have been amalgamated with the character they affect as a single glyph) or for unusual sets of spaces (where "invisible" Unicode values have been substituted) better yet of course get hold of the original email before it was signed and sent to you -- but spammers tend not to help you with that ! - -- richard Richard Clayton Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755 -BEGIN PGP SIGNATURE- Version: PGPsdk version 1.7.1 iQA/AwUBZIo7EN2nQQHFxEViEQLmKwCZAW3bqT5sWhDx6qr+WZ38maKfOl4AoMLT aM2bjkAMnzUEliPUKB1NW/ho =w9W/ -END PGP SIGNATURE- ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal
On Tue 13/Jun/2023 23:33:50 +0200 Tero Kivinen wrote: [...] As you can see 85.75% of incoming email was already signed by DKIM, and 86.5% of emails had SPF records that passed. So they both have about same amount if usage coming in to our servers. What are those 0.75%, some 30k SPF - DKIM messages? Are there cases of DKIM random failure salvaged by SPF? 0.19% 7506none,pass 0.15% 5910pass,none How do you order DKIM signatures? Thanks for the data Best Ale -- ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal
At M3AAWG a couple of years ago, a VLMB said that 60% of the DKIM errors they saw were obvious human error in the publishing of keys. This is why I’ve been pushing (through M3AAWG, and hopefully eventually via the appropriate working groups here) the need to automate publishing of DKIM keys. They’re public after all, and a human (and generally, multiple humans) shouldn’t need to be in the critical path of getting a key from a sending system UI and then getting it published properly in DNS. My main point on this whole thread is there’s a lot of theory, but as Tevo’s data shows, the reality of these deployments and their challenges is far trickier. I’m still working with Todd to bring our own data on SPF to the working group. Seth, as an individual On Wed, Jun 14, 2023 at 11:10 Murray S. Kucherawy wrote: > On Tue, Jun 13, 2023 at 10:34 PM Tero Kivinen wrote: > >> DKIM failures >> >> 36.34% 26619 invalid DKIM record >> > > This is staggering. Can you characterize what the most common > malformations are? > > -MSK > ___ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc > -- *Seth Blank * | Chief Technology Officer *e:* s...@valimail.com *p:* This email and all data transmitted with it contains confidential and/or proprietary information intended solely for the use of individual(s) authorized to receive it. If you are not an intended and authorized recipient you are hereby notified of any use, disclosure, copying or distribution of the information included in this transmission is prohibited and may be unlawful. Please immediately notify the sender by replying to this email and then delete it from your system. ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal
On Tue, Jun 13, 2023 at 10:34 PM Tero Kivinen wrote: > DKIM failures > > 36.34% 26619 invalid DKIM record > This is staggering. Can you characterize what the most common malformations are? -MSK ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
