On Thu, May 29, 2014 at 10:58 AM, Brandon Long <[email protected]> wrote:
> > > There seem to be rather a lot, since it's a feature on most magazine >> and newspaper web sites. Since you mentioned the WSJ, they use the >> user's own address as the From: address (I just checked.) Some do the >> hack you mentioned, but a lot don't. My college class has a mailing >> list, and I sometimes send articles to it from my WSJ account, which >> would stop working if they didn't let me put my own address on the >> From: line. >> >> Do you have any numbers on how much if any of a spam or phish problem >> these things are? They've never been on my radar, I think because they >> do a lot of rate limiting and inbound filtering. Some also limit it >> to subscribers. >> >> Also please keep in mind uses like the school teacher I mentioned >> earlier today. Again, useful, not abusive, and I think there are >> likely to be a lot of little setups like his that are now mysteriously >> failing. >> > > I'm sure most of the big ones are well protected with abuse limits, but > I'm sure there are plenty of other ones which are not. I'm sure each one > that is abused is a drop in the bucket of the overall abuse. > > That being said, with DMARC, I see no way forward for them. Even if the > WSJ and other large publishers are whitelisted by one of the schemes we're > talking about, the forms like your teacher's are never going to get > whitelisted. At best, a provider may provide a mechanism to whitelist > things for a specific user, but I haven't imagined anything like that which > would be particularly user friendly either. > I'd love to see some usage statistics from one or more of them. Lately it seems to me a lot more of such link sharing happens over social media (where this is all moot) rather than over email. -MSK
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
