Zack,
Funny you mention JPMC as they are already working towards supporting
future requirements of BIMI by getting a VMC for their logos, which is
part of the planned implemetation of the BIMI standard.
https://www.businessinsider.com/jpmorgan-chase-using-verified-mark-certificate-to-combat-fraud-2019-9
A fake domain owner would not be able to get the required certificate
and validate their domain. While this is not currently a requirement
it's been planned from the start of the working group. Current
implementations require, DMARC at enforcement, a good reputation, and
some level of trust from the MBPs. As a working group we are still
defining this section and working with the MBP members to define how
this should look from both a sending and a receiving side - more to come
on this in the new year.
Publishing a record doesn't mean it's going to be honoured by any of the
receiving platforms.
--
~
MATT VERNHOUT
On 2019-12-06 9:43 a.m., Zack Aab via mailop wrote:
Of the following two domains, one is owned by a major bank and locked
down securely with DMARC and the other one currently costs $12 on
GoDaddy (it's even discounted!), can you tell which is which?
[email protected] <mailto:[email protected]>
[email protected] <mailto:[email protected]>
(No particular reason I picked Chase bank, I just crawled around the
whois looking for a good bank company example a while back and bumped
into this one first.)
_______________________________________________
mailop mailing list
[email protected]
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
