This story in the Register is certainly germane to the discussion.... PayPal update email 'violates own anti-phishing advice' http://www.theregister.co.uk/2010/09/09/paypal_anti_phishing_fail/
Not intending to put you on the spot but I think it illustrates some of the change management issues regardless of the approach you choose. Mike > -----Original Message----- > From: [email protected] [mailto:[email protected]] > On Behalf Of McDowell, Brett > Sent: Thursday, September 09, 2010 3:31 PM > To: Douglas Otis > Cc: [email protected] > Subject: Re: [dkim-ops] subdomain vs.cousin domain (when > deploying"discardable") > > That might be interesting data, if you can share it. > > --- > Sent from my mobile phone > > On Sep 9, 2010, at 3:10 PM, Douglas Otis <[email protected]> wrote: > > > On 9/9/10 11:42 AM, Murray S. Kucherawy wrote: > >>> -----Original Message----- > >>> From: [email protected] [mailto:dkim-ops- > [email protected]] On Behalf Of Douglas Otis > >>> Sent: Thursday, September 09, 2010 11:16 AM > >>> To: [email protected] > >>> Subject: Re: [dkim-ops] subdomain vs. cousin domain (when deploying > "discardable") > >>> > >>> On 9/9/10 9:51 AM, McDowell, Brett wrote: > >>>> Does everyone agree that this is the "best practice" for the use case > >>>> provided (ignoring I only gave you two namespace options)? > >>> Until more comprehensive policy becomes available, yes. > >>> > >>> In general, using a cousin domain is a bad practice, where the term > >>> "far" has not been met by your current practice. [...] > >> Are there any recorded data supporting that assertion? > >> > > We experienced an increase in phishing when our marketing department > > decided to use cousin domains to promote new products. This left us > > dealing with a greater number of complaints from users confused by what > > they had installed. Unfortunately, there is an entire industry devoted > > to taking advantage of user confusion. > > > > -Doug > > _______________________________________________ > > dkim-ops mailing list > > [email protected] > > http://mipassoc.org/mailman/listinfo/dkim-ops > > _______________________________________________ > dkim-ops mailing list > [email protected] > http://mipassoc.org/mailman/listinfo/dkim-ops _______________________________________________ dkim-ops mailing list [email protected] http://mipassoc.org/mailman/listinfo/dkim-ops
