> [mailto:[EMAIL PROTECTED] On Behalf Of Steve Atkins
> On Sep 7, 2006, at 12:28 PM, Hallam-Baker, Phillip wrote: > > > > >> [mailto:[EMAIL PROTECTED] On Behalf Of John Levine > > > > Mostly +1 > > > > But there could be utility in the sender saying 'My email > is at very > > serious risk of being impersonated'. > > What is that utility? Please expand on what behaviour you > expect from the recipient and how that will differ from the > case where the sender does not say that. If I know that you are a self declared target of phishing and that the consequences of letting a phish go through are considerably more serious than a random impersonation spam I can adjust my spam filters accordingly. In particular I would expect to filter out ALL mail automatically in the case that ALL the following apply: * The sender ALWAYS signs * The sender declares themselves to be at risk of phishing attack * The content is HTML * There are URIs in the body of the text message * The message has not been forwarded by a previously noted intermediary. It is possible that a few such mails would be falsely suppressed but this mechanism provides a pretty good bright line. At the very least it gives me a tool that allows me to bring these messages to the immediate attention of the abuse desk. There are ~100 million domains and only ~10,000 banks. Knowing what you are dealling with helps focus resources on the most significant problems. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
