ietf-dkim

[ietf-dkim] Why only exact domains matter

2008-04-30 19:21:30
> So, are you saying that because we don't provide protection against
> "cousin domains" we should drop our effort to provide protection
> against mis-use of "exact domains?"

Where you say "exact domain" I presume you mean "subdomain", but I'd
flip it around to make it clearer.

Any filtering engine that will be effective against phishing needs to
deal with lookalike domains no matter what ADSP does.  I asked a few
days ago for reports of filters that consider subdomains equivalent to
the parent domains, and got pretty sparse responses* that tell me that
if there are any that do, it's certainly not widespread, nor is it
common for legit mailers to use huge numbers of subdomains in their
mail.  (If they use sub-huge numbers of subdomains, they can publish
ADSP for each, no harder than publishing A and MX.)

So whatever I'm going to do about lookalike domains, I'm also going to
do about lookalike domains that happen to be subdomains.  Moreover,
even if ADSP were to do the one-level tree walk, I'm still going to
need my lookalike domain stuff for second and deeper level subdomains
since ADSP doesn't help there.

This tells me that the tree walk doesn't make my task as a receiver
any easier, while complicating the lookup.  It's just cruft, and
probably cruft that causes needless pain along the lines of that
caused when SPF fans accuse normal forwarders of "forgery" because SPF
(as we all know) fails to deal with relayed mail.  So forget it.

R's,
John

* - One guy still uses an old workstation mail system that puts the
host name into the return address like they did 15 years ago, and
there may be something in SpamAssassin that does so, sort of.

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html