On 14/07/2020 19:48, Dave Crocker wrote:
On 7/14/2020 10:42 AM, Alessandro Vesely wrote:
On 14/07/2020 19:30, Dave Crocker wrote:
Forgive me, but I do not understand how your note, in any way, responded to
the substance of my query.
The bad thing is that _dmarc.fm.bank looses the effect of stopping phishing
attempts, as the Sender: domain would override. It keeps the ability to
generate feedback about authentic messages, though.
One more time...
DMARC does not stop phishing attempts.
Uh?
DMARC is designed to prevent bad actors from sending mail that claims
to come from legitimate senders, particularly senders of
transactional email (official mail that is about business
transactions). One of the primary uses of this kind of spoofed mail
is phishing (enticing users to provide information by pretending to
be the legitimate service requesting the information). Thus, DMARC
is significantly informed by ongoing efforts to enact large-scale,
Internet-wide anti-phishing measures.
https://tools.ietf.org/html/rfc7489#section-2.4
Best
Ale
--
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
