ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] SSP = FAILURE

2006-09-09 12:00:42
On Saturday 09 September 2006 13:26, John Levine wrote:
The best way to help end-users avoid getting phished it to not accept
phishing messages for delivery.  DKIM-SSP where strict policy
statements are published offer a mechanism for this.

I get a message from security(_at_)ebay-verify(_dot_)com(_dot_)  It has a 
valid
signature.  I check the SSP for ebay-verify.com, which says "MAJOR
PHISHING TARGET, ACCEPT ONLY WITH SIGNATURE."  So I drop it into the
recipient's mailbox with a gold star on it.

What have we just accomplished?

A bad thing.  Don't put the gold star on it.  That would be a mistake.

Scott K
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html