On Fri 17/Jul/2020 23:00:53 +0200 John Levine wrote:
> In article <[email protected]> you write:
>> I'd counter by personal anecdote that we have had to undertake
>> security remediations because of messages which were forwarded by our
>> CEO to other employees for responses which happened to contain malware
>> and/or bad links. ...
>
> Except that the problem isn't the email address, especially since almost
> no one sees those any more. And the display name isn't protected.

Do we have any recent numbers on how many users see the From address rather
than or in addition to the display name?

Similar problems are typosquatting and homograph attacks. I heard the latter
is being addressed also in email clients, which implies they target users who
look beyond the display name. We used to hold that DMARC does not cover those
topics. Why should we worry about display names?

DMARC filtering is designed to operate at the (edge) MX, not MUA. If applied
consistently, it grants a well-defined kind of protection. That is just a
building block, not a silver bullet. Our problem is that DMARC filtering
cannot be applied consistently, because of MLMs. Lowering DMARC's contractual
obligations is not a proper solution.

Best
Ale