Hi,
On 24/11/2021 at 12:00, Alessandro Vesely wrote:
> ARC implies a reliable global reputation system, which only giant
> providers can afford.

Not necessarily. It only implies that the evaluator has some reason to
consider acceptable that this particular message be handled by this
particular forwarder.
If, for example, the evaluator can know for sure that the author
designated in the From field really sent a message to the forwarder
immediately before the forwarded message came in, the probability that
the message is genuine is much higher [1].
At the beginning of this month, I proposed an idea to achieve just that.
Cheers,
Baptiste
note [1]:
indeed, the attack model then changes from "send a message with a faked
From header" (easy) to "somehow have your target send you a genuine
message so you can modify and forward it" (possible, but much harder,
needs a targeted attack). Only high profile targets need to care about
the second type of attack.
_______________________________________________
dmarc mailing list
https://www.ietf.org/mailman/listinfo/dmarc