ietf-dkim

RE: [ietf-dkim] user level ssp

2006-09-07 13:13:44

[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Steve Atkins

On Sep 7, 2006, at 12:28 PM, Hallam-Baker, Phillip wrote:


[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of John Levine

Mostly +1

But there could be utility in the sender saying 'My email is at very
serious risk of being impersonated'.

What is that utility? Please expand on what behaviour you expect from
the recipient and how that will differ from the case where the sender
does not say that.

If I know that you are a self declared target of phishing and that the 
consequences of letting a phish go through are considerably more serious than a 
random impersonation spam I can adjust my spam filters accordingly. 

In particular I would expect to filter out ALL mail automatically in the case 
that ALL the following apply:

  * The sender ALWAYS signs
  * The sender declares themselves to be at risk of phishing attack
  * The content is HTML
  * There are URIs in the body of the text message
  * The message has not been forwarded by a previously noted intermediary.

It is possible that a few such mails would be falsely suppressed but this 
mechanism provides a pretty good bright line. 

At the very least it gives me a tool that allows me to bring these messages to 
the immediate attention of the abuse desk.

There are ~100 million domains and only ~10,000 banks. Knowing what you are 
dealing with helps focus resources on the most significant problems.



_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
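
An added example, not part of the original message: Python that evaluates the five conditions listed above against a parsed message and reports which ones matched. The `POLICY` table, its `at_risk` flag, the use of `List-Id` to recognise a known intermediary, and the sample message are all assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Hypothetical policy table standing in for a sender-policy lookup. "at_risk"
# is the self-declared flag proposed in the message, not a deployed field.
POLICY = {"bank.example": {"always_signs": True, "at_risk": True}}
# Assumed local set of List-Id values for intermediaries already seen.
KNOWN_INTERMEDIARIES = {"lists.example.org"}
URI_RE = re.compile(r"\b(?:https?|ftp)://[^\s\"'<>]+", re.I)

# Constructed sample message, not real traffic.
SAMPLE = """From: Support <alerts@bank.example>
To: user@example.net
Subject: Verify your account
MIME-Version: 1.0
Content-Type: text/html; charset=utf-8

<html><body><a href="http://login.example.invalid/verify">Verify</a></body></html>
"""

def text_parts(msg):
    """Yield (content type, decoded text) for every text/* MIME part."""
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            raw = part.get_payload(decode=True) or b""
            yield part.get_content_type(), raw.decode(
                part.get_content_charset() or "utf-8", "replace")

def check(raw_message):
    """Return (verdict, per-condition results) for the five listed tests."""
    msg = message_from_string(raw_message)
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    policy = POLICY.get(domain, {})
    parts = list(text_parts(msg))
    list_id = re.search(r"<([^>]+)>", msg.get("List-Id", ""))
    forwarded = bool(list_id) and list_id.group(1).lower() in KNOWN_INTERMEDIARIES
    conds = {
        "always_signs": policy.get("always_signs", False),
        "at_risk": policy.get("at_risk", False),
        "html": any(ctype == "text/html" for ctype, _ in parts),
        "uris": any(URI_RE.search(text) for _, text in parts),
        "not_forwarded": not forwarded,
    }
    return all(conds.values()), conds

if __name__ == "__main__":
    print(check(SAMPLE))
```

The per-condition dictionary is returned alongside the verdict so a message that matches only some conditions can still be routed for review instead of being dropped.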
