"McDowell, Brett" <[email protected]> writes: > Priority: it's more important to us that cyber criminals not be > systemically enabled to leverage MLM systems to bypass email > authentication flows and consumer protection policies designed to > block their attacks... the attacks that, if not for the MLM > intermediary, would have been blocked thanks to DKIM+ADSP and the > voluntary compliance to ADSP policies by certain ISP's/Mailbox > Providers.
Though is the fact that a mail arrives via an MLM not also a very strong contra-indication of the validity of nearly all mail which would constitute such an attack? Irrespective of any other factors, the mere fact that it arrives via an MLM is an almost certain indication that any mail which purports to tell you that you have won a lottery, been given a bequest, have a problem with your account, need to contact a company about some purchase or other problem etc, is almost 100% certain to be either a phishing attack, a forgery or a scam. In almost all cases, genuine mail sent via an MLM is not of the nature which requires such authentication or falls within consumer protection polices. To take your postings here as an example. Mail from PayPal about people's accounts, policy changes etc needs to be protected and pass authentication. However, whether or not your postings here authenticate as genuinely coming from PayPal is not really important and in no way affects the validity of the points you make in your posts. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
