On Sun, 22 Aug 2004, william(at)elan.net wrote:
On Sun, 22 Aug 2004, Dean Anderson wrote:
Likewise, if spam isn't stopped by SPF/SenderID/MARID, then those projects
will have failed.
No, the projecs will fail if they are unable in serious way to stop forgery
and phishing. If they help with stopping spam, that will be an extra bonus.
I've shown the examples that it does fail at stopping forgery, in its
present form. However, you can't extricate anti-spam from the MARID
charter.
Phishing can't be stopped. That is a con game as old as, well,
prostitution. One doesn't need to forge email to phish. Phisher's do
forge, but they don't need to. People dumb enough to trust email
addresses despite warnings to the contrary will trust similar-looking
email addresses or completely wrong email addresses because they're
/dumb/. Similar-looking but not-exact-duplicate letterhead and such have
been used in cons since before there was electricity.
--Dean