In message <CAH48ZfyQzzoKkefEm9M7AQfLAxM+WcanPrzB_xMxRMu-[email protected]>, Douglas Foster <dougfoster.emailstandards@gmail.com> writes
> The coverage problem is aggravated if we assume rational attackers.
> With a plethora of domains available for impersonation, attackers
> are least likely to use domains that are protected with p=reject.
you have grasped it ... the rational attackers do not impersonate the
protected domains, and the irrational attackers are blocked when they
do; hence the domain is protected and users are not misled
> Therefore the reference model implementation protects an evaluator
> where attacks are least likely, and fails to protect an evaluator
> where attacks are most likely.
however DMARC protects end users who might act on emails that were
spoofed to be from the domain that has been protected
Ian Levy (then of NCSC here in the UK) in "Active Cyber Defence - One
Year On" reported

    We have seen the number of messages spoofed from an @gov.uk address
    (for example, [email protected]) fall consistently over 2017,
    suggesting that criminals are moving away from using them as fewer
    and fewer of them are delivered to end users.

    Across the 555 public sector email domains reporting to Mail Check,
    we are seeing an average of 44.1 million messages a month which
    fail verification, with a peak of 78.8 million in June. Of those,
    an average of 4.5 million are not delivered to the end users. The
    peak in June saw 30.3 million spoofed messages not delivered to end
    users.

from which you will see that there were a number of irrational
attackers, but that the rational ones now found their task harder
- --
richard Richard Clayton
Those who would give up essential Liberty, to purchase a little temporary
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755