On 4/30/08, Arvel Hathcock <arvel(_dot_)hathcock(_at_)altn(_dot_)com> wrote:
I don't think so. Forcing phishers to use accounts-bigbank.com when
today they are free to use bigbank.com directly is a significant step
forward both for receivers and senders. Receivers benefit because no
matter how similar accounts-bigbank.com appears to a human no filtering
agent will be confused into equating it with bigbank.com and that has
important implications for accurate filtering. Senders benefit by
regaining some measure of control over the use of their own domain which
for many is an important corporate brand and business asset.
> As a consequence, what you claim as protection really is not
> meaningful protection.
It seems meaningful enough to me.
I have to strongly with Arvel here. I strongly reject any thought
along the lines of "we shouldn't pursue methodology X because somebody
can bypass it with similar cousin domains."
Addressing spoofing by way of cousin domains is necessary, but is a
whole separate discussion. It, like protection related to the
validation of legitimate domains, are both two small pieces of the
authentication and trust puzzle.
Suggesting "forget it, because they can still get away with a
lookalike domain" seems to me like saying "forget about locking the
door; we shouldn't bother, beause it's not the only way a bad guy can
enter."
Best,
Al Iverson
--
Al Iverson on Spam and Deliverability, see http://www.spamresource.com
News, stats, info, and commentary on blacklists: http://www.dnsbl.com
My personal website: http://www.aliverson.com -- Chicago, IL, USA
Remove "lists" from my email address to reach me faster and directly.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html