On 1/5/21 12:04 PM, Dave Crocker wrote:
> On 1/5/2021 11:34 AM, Michael Thomas wrote:
>> On 1/5/21 11:22 AM, Dave Crocker wrote:
>>> From: header field rewriting demonstrates that DMARC is, indeed, trivial to defeat (or rather, to route around.)  Also, receiver filtering engines are all that matter.  Real-time actions by recipients are demonstrably irrelevant to DMARC (and all other anti-abuse) utility.
>>
>> That's not the conclusion of the paper that Doug Foster linked to the other day.
>
>
> 1. I've looked back over his postings to this mailing list and am not finding the link you refer to.  Please post it (again).
>
> 2. A single study is unlikely to be definitive about much of anything.

https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-hu.pdf

Actual data, actual experiments. Finally. And it's a lot better than all of the conjecture here which is the currency of the realm.


>> When I first came back and saw the From rewriting I was very confused by what it was until I figured out what was going on.
>
> You think you are representative of end users?  Try again.


I use my inner Luddite all of the time. It's one of my skills. But an MUA designed with security in mind with its UI would go a long way too. From re-writing is exactly the wrong thing to do from a security standpoint though.

Mike

_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
