>My understanding is that only a few of the very largest mailbox
>providers cannot put in place blanket "reject email that does not
>contain From: header" rules. It would be nice to have this scenario
>become one of a "fail closed" as opposed to "fail open", but this likely
>won't happen until more awareness is brought to the issue. To start,
>maybe this scenario can become part of email vulnerability testing.

Mailbox providers will do whatever they think is best for their users. I have no idea how many messages without a From: line are malicious, and how many are just mistakes. I doubt anyone else in this discussion does, either.

Given the zillion other ways there are to disguise phishes and circumvent DMARC, I see no reason to expect bad guys to omit From: lines any more than they do now.

Nobody wants to deliver phish messages, but they don't want to lose legitimate messages due to over-strict phish heuristics either. But in view of the extremely small fraction of mail that's missing From:, I don't see it as a big deal either way.

_______________________________________________
dmarc-discuss mailing list
[email protected]
http://www.dmarc.org/mailman/listinfo/dmarc-discuss

NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
