It appears that Jaroslaw Rafa via mailop <[email protected]> said: >Most of regular consumer email users don't have any reason for this. As Bill >Cole, whom I was replying to, wrote - nobody would try to impersonate you or >me in a phishing campaign for financial gain, because there won't be any.
Since we all seem to have forgotten everything we talked about last week, the reason we have to deal with DMARC for normal mail systems (as opposed to places like Paypal where it makes sense) is that back when AOL and Yahoo were different companies, they both had such poor security that they let crooks steal their user address books, so people were getting spam with return addresses of people they knew. I think there were better ways to deal with that particular problem, but it is definitely the case that normal people get their addresses forged in spam. Perhaps it doesn't happen to hobby systems hosted in free public subdomains, but it happens to other people. R's, John _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
