On 4/30/08, Arvel Hathcock <[EMAIL PROTECTED]> wrote:
> I don't think so. Forcing phishers to use accounts-bigbank.com when
> today they are free to use bigbank.com directly is a significant step
> forward both for receivers and senders. Receivers benefit because no
> matter how similar accounts-bigbank.com appears to a human no filtering
> agent will be confused into equating it with bigbank.com and that has
> important implications for accurate filtering. Senders benefit by
> regaining some measure of control over the use of their own domain which
> for many is an important corporate brand and business asset.
>
> > As a consequence, what you claim as protection really is not
> > meaningful protection.
>
> It seems meaningful enough to me.

I have to strongly agree with Arvel here. I strongly reject any thought along the lines of "we shouldn't pursue methodology X because somebody can bypass it with similar cousin domains."

Addressing spoofing by way of cousin domains is necessary, but is a whole separate discussion. It, like protection related to the validation of legitimate domains, are both two small pieces of the authentication and trust puzzle.

Suggesting "forget it, because they can still get away with a lookalike domain" seems to me like saying "forget about locking the door; we shouldn't bother, because it's not the only way a bad guy can enter."

Best,
Al Iverson

--
Al Iverson on Spam and Deliverability, see http://www.spamresource.com
News, stats, info, and commentary on blacklists: http://www.dnsbl.com
My personal website: http://www.aliverson.com -- Chicago, IL, USA
Remove "lists" from my email address to reach me faster and directly.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
