ietf-dkim

Re: [ietf-dkim] Review of DKIM Sender Signing Practices (draft-ietf-dkim-ssp-01)

2007-12-04 12:37:07
John L wrote:
 This assumes that SSP tries to solve the lookalike domain problem.

Can we review the last couple of messages, please?

You said that a way to avoid making useless SSP lookups was to only look up a domain if you've previously seen a signed message from it.

I said, I get a bunch of messages purporting to be from a bank I've never seen before. This isn't lookalike, this uses the actual domain (in this case hsbc.co.uk) but since I've never seen any mail from them before, good or bad, I won't do the lookup and I'll never know that their SSP says they sign all their mail.

  You said:

As it happens, lots of people around here have HSBC US accounts, the two banks' branding is nearly identical, and it's not absurd to worry that if someone put HSBC US account info into the HSBC UK phish, the bad guys would be able to make use of it.

  hsbc.co.uk != hsbc.com. That they have layer 8+ ties to one another
  is not a problem SSP is trying to solve.

                Mike
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
