On Thu 14/Apr/2022 05:54:32 +0200 Seth Blank wrote:
On Wed, Apr 13, 2022 at 2:25 PM Jim Fenton <fen...@bluepopcorn.net> wrote:
On 12 Apr 2022, at 20:39, Seth Blank wrote:
Policies: https://dmarc.org/2022/03/dmarc-policies-up-84-for-2021/
Those are domains which publish a policy. An alternative graph here:
https://dmarc.org/stats/farsight/dmarc/
The number published by a European research is about the double. They say that
8,129,795 out of 246,425,997 domains exhibit a DMARC record (3.3%).
https://data.europa.eu/doi/10.2759/473317 (chapter 17, table 31).
Dmarcian has a Fortune 100, 2021/2022, per-policy statistics:
https://dmarcian.com/fortune-100-dmarc-policies/
In their home page, they count 1,776,500 monitored domains (35.7% or 21.8%).
Counting domains is undoubtedly easier than counting validated mailboxes. My
personal domain count, since one year ago, shows 9.3% domains having a DMARC
record; 4.1% of the latter having "dmarcian.com" in their rua. (However, I,
for one, send ag reports to Dmarcian without publishing their email address on
my DMARC record.)
For mailboxes that implement DMARC and send reports, Valimail (and Dmarcian
I believe) have historically tracked and published that. [...]
Out of curiosity, what does “properly validate DMARC” mean and how do you
measure it? If it means “retrieved the DMARC record”, that’s a metric but
not all that meaningful. I run Spamassassin so I probably would be part of
that metric but I’m not doing anything with the result. For that matter,
Spamassassin used to retrieve ADSP records.
If, on the other hand, it means that the recipient domain is acting on a
DMARC-published policy, that would be meaningful but I’m not sure how one
would measure that.
I don't think there is any available method to _check_ that a mail server acts
on published policies correctly, including alignment considerations, sp= and
np=. Checking also the accuracy of their aggregate reports would be a further
step. Measuring how many domains do so seems to me to be beyond reach.
Yes, "properly validates DMARC" means the mailbox provider validates and
handles the message per RFC 7489. This is easy to measure, because there
aren't that many large mailbox providers, and most are a) public with how
many mailboxes they represent, b) public with the fact that they validate
DMARC, and c) (in nearly all the cases, sans Microsoft) send reports which
can be used to confirm the proper handling of messages per published policy.
I'd call that a rough estimate, no?
Best
Ale
--
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
