On Sep 12, 2006, at 10:49 AM, Arvel Hathcock wrote:

>> SSP has an advantage when we assume that criminals
>> are stupid enough to keep sending forged mail. It
>> has no advantage with look-alike attacks. Guess what
>> criminals will do.
>
> They will stop using real domains and start using other domains
> (assuming your logic plays out).
>
> This is PROGRESS. This is something positive (not negative).
>
> Today I received a half dozen paypal phishing mails. All had
> "<local-part>@paypal.com" in the FROM header. SSP can stop that.
> SSP can't solve everything but that's no reason not to let it
> address what it can solve.

Restrictive policy that blocks only a portion of spoofing attempts is
not progress, it is failure. This will not improve the opening rate
of valid messages or reduce the success of criminal activity. Only
annotations based upon retained email-address will prove successful,
not SSP based blocking. SSP based blocking breaks email for normal
uses; that is a step backwards.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html