On Sep 12, 2006, at 9:22 AM, Wietse Venema wrote:
What was the advantage of SSP with look-alike domains?
To find large unproductive ratholes? Neither DKIM nor SSP claim to
have any direct effect on look-alike domain names, and there's
nothing in our
DKIM_BASE allows a recipient to distinguish mail from the bank from
look-alike mail that pretends to be from the bank. That
information comes in the form of the signing domain.
SSP has an advantage when we assume that criminals are stupid
enough to keep sending forged mail. It has no advantage with look-
alike attacks. Guess what criminals will do.
Agreed.
When distinguishing email from look-alikes and spoofs, it also helps
to know whether the signing domain validated the email-address in
some fashion, and whether the signing domain is associated with that
email-address. Both of these requisite answers for avoiding a spoof
or look-alike can be assisted with policy. This policy may reduce
the administration needed to ensure the reliability in distinguishing
valid email. Attempts to use policy to block look-alikes are likely
fruitless, and may cause a great amount of effort to be expended
attempting to repair resulting damage.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html