> We might, but we probably wouldn't, since there's no reason to assume > that typical users understand the security implications of mail > addresses and domain names. Also, considering that there is > approximately an infinite number of ways to write something that looks > sort of like some other thing that people are expecting, this approach > is bailing the ocean with a sieve. >
Actually there is a finite number of look alike domains to any domain that are similar enough to fool someone. And DMARC finally gives us a way to address the look alike domain problem. It use to be that we'd go claim look alike domains but the bad guys would just then spoof them anyways. With DMARC you can now lock down a domain after you've claimed it.
_______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
