Hi Alessandro,
At 03:40 11-04-2014, Alessandro Vesely wrote:
Please feel free to amend that page at your leisure.
"Big, popular brands are often used in phishing and scam email
attacks and I'm sure you've seen some of them first hand" [1]. DMARC
is a technology that provides brand protection. Let's say that you
work for cs.helsinki.fi. cs.helsinki.fi currently publishes a policy
to protect its brand. If you use that domain name to send a message
to ietf(_at_)ietf(_dot_)org, cs.helsinki.fi will reject that message. Several
big companies will also reject that message.
The suggestion is to have the ietf.org mail service rewrite the
domain part in the "From:" header as cs.helsinki.fi.invalid. The
ietf.org mail service is not doing that at the moment. The mail
service does not have to do that as the collateral damage is
considered as acceptable. The rewrite will cause other problems.
Email is like the Titanic.
Regards,
S. Moonesamy
1.
http://www.symantec.com/connect/blogs/introducing-dmarc-validation-email-securitycloud