----- Original Message ----- > From: "Stephen J. Turnbull" <[email protected]> > To: "Barry Leiba" <[email protected]> > Cc: "Dave Crocker" <[email protected]>, [email protected] > Sent: Tuesday, June 10, 2014 3:33:16 PM > Subject: Re: [dmarc-ietf] Change the mailing list protocol, not DMARC. > > Barry Leiba writes: > > > But the more important point is that you're presupposing that the > > changes are "better", > > Yes and no. Obviously, if it is impossible to improve the MUAs, > there's no point in discussing it. In that sense, I have to presume > that improvements exist. That doesn't mean I assume I know what they > are, or that any of the examples I gave are better. > > On the Mailman lists today, one postmaster posted that he is observing > a surge in AOL-spoofing phishing this week, with AOL screen names in > the display name and some other address as the actual From: mailbox. > The abusers seem to have access to contact lists, as often the > addressee is acquainted with the AOL screen name. I don't see how > DMARC can help deal with that -- unless it cooperates with the MUA. > We know that the display name abuse is something that need to be tackled. We should not recommend to put anything that looks like a domain name in the display part, cause eventually we will put a rule to dump emails with such property.
I think also, MTA have become more strict, they know expect one and one only From header, with a Date header, and a few extra... to follow more strictly the RFCs. DMARC do not talk about invalid messages, because they should not even make it to DMARC evaluation in the first instance. _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
