There’s a trademark ownership vetting item that’s part of BIMI implementation. Not just *anyone* can get past that. #wink
-Udeme On Thu, Jan 11, 2024 at 5:36 AM Laurent S. via mailop <[email protected]> wrote: > I might have missed something, but wouldn't that be a phisher's wet dream? > > Most spammers know very well how to do a mail with valid DMARC. So, now > they only need to send a valid mail from any throw away cheap domain and > in their BIMI add the logo of paypal? > > I understand it's not great to have to pay for the > verification/certification, but leaving the door open to abuse is a > dangerous path to take. > > Being on the antispam side, I would hate to have to start implementing > BIMI spoof checks. > > Regards, > Laurent > > On 11.01.24 00:05, Louis Laureys via mailop wrote: > > We decided to keep this because I read that some webmail clients are > > planning to support BIMI without checking for certificates, or, > > perhaps, also displaying a little lock icon in the corner of the > > sender's BIMI-style logo image where certification is verified. > > > > This is exactly what I have in mind for my client, thanks for publishing > your > > logo in an easily accessible and standard way :) > > > > Groetjes, > > Louis > > > > > > _______________________________________________ > mailop mailing list > [email protected] > https://list.mailop.org/listinfo/mailop >
_______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
