Just to be clear, change to our non-discardable domain is not going to be
particularly painful. I and a few colleagues are "piloting" paypal-inc.com.
We knew that some trial and error (and debate) was in order before rolling it
out across the company.
But if we pick a domain that is entirely unrecognizable as being from "us",
that might be a harder sell within the company than paypal-inc.com (especially
since yahoo already operates yahoo-inc and has for a long time).
-- Brett
On Sep 9, 2010, at 2:15 PM, Douglas Otis wrote:
On 9/9/10 9:51 AM, McDowell, Brett wrote:
Mike, I appreciate all the comments you shared in your last response. I'm
replying to only one of them because I think this may be the consensus "best
practice" I was looking for.
On Sep 9, 2010, at 12:36 PM, MH Michael Hammer (5304) wrote:
The general rule would be to use a different domain that is
far enough from the transactional/brand domain that the risk of use for
enduser phishing is mitigated.
Does everyone agree that this is the "best practice" for the use case
provided (ignoring I only gave you two namespace options)?
Brett,
Until more comprehensive policy becomes available, yes.
In general, using a cousin domain is a bad practice, where the term
"far" has not been met by your current practice. It may have been
better to have used something like your stock symbol instead. Such a
change will be painful, and likely of little benefit, since users will
have been exposed to spoofing to a point where they should be wary of
cousin domains. Then again, there is always the next generation to
consider, assuming they will still be using email.
-Doug
_______________________________________________
dkim-ops mailing list
dkim-ops(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-ops
_______________________________________________
dkim-ops mailing list
dkim-ops(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-ops