"wayne" <wayne(_at_)midwestcs(_dot_)com> wrote:
What Anne is explaining is basically what we need to do to help
deployment, which is quite relevant to this working group. She is
explaing why people who want to stop phishing prefer the PRA over the
2821.MAILFROM even though the PRA protects the 2822.Resent-Sender:
header instead of the 2822.From: header in the critical case of actual
phishing.
The marid-mpr draft provides a method of protecting both fields without
using the PRA algorithm. It provides solutions for the sequential DNS
lookup, open list exploits problems, and allows safe reputation services.
-Doug