ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Case for ADSP "dkim=except-mlist"

2009-10-16 19:28:59
Michael Deutschmann:
But guessing which list to forge is an SbO that the
spammers have not pierced yet....  Impersonating any list other than those 6
is futile -- it will bounce off my anti-Bcc filter.

It's called spear-phishing, which is a form of targeted attack that
occasionally makes headline news.

Speaking of unintended consequences, this kind of anti-BCC filter
is an example of how a well-intended security feature can actually
help opponents to make email look more authentic (because they know
what list headers to impersonate in order to pass the filter).

You can require that those six approved lists sign such mail. That
requirement makes the proposed DKIM feature even more redundant.

        Wietse
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html