Tobias Fiebig wrote:
As of now, for the ~2k unique domains that participated in email- security-scans.org so far:
So, your samples are highly biased for domains where activities to support email security are high.
For comparison, 56.16% of domains are setup correctly to receive DMARC reports (including whether the report can actually be delivered). DKIM is being used correctly by 59.94%. MTA-STS is used correctly for outbound emails by 15.95% of senders.
With the bias above, don't the figures mean DMARC and DKIM hopeless? Masataka Ohta
