>> An essential part of such exercise is to explain why the mitigation is >> strategic. That is, why will it not be easy for attackers to work >> around the SSP mechanism and achieve equivalent attack success. > >Modulo look-alike domains I guess?
Depending on the threat, there's all sorts of likely workarounds. For example, as I noted a few days ago, many MUAs show the From: line comment rather than the address. I also look forward to learning what problem it is that we're trying to solve here. R's, John _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
