Re: not really to do with Re: WG Review: Domain-based Message Authentica

On Wed, Jul 16, 2014 at 03:39:49AM -0000, John Levine wrote:

Is there quantitative evidence that preventing spoofing of the
"From" address reduces the efficacy of phishing?


According to people I've talked to at large mail providers, apparently
so.  DMARC blocks a lot of mail that is clearly phish.


That's not the question I'm asking.  Spamhaus RBLs, also block lots
of mail that is phish.  The real question is whether the incidence
of successful phishing attacks is reduced.

I would have thought that phishers would use any of the bazillion
obvious ways to circumvent DMARC, but they must be as lazy as anyone
else.


Which means that perhaps they don't need to bother, because they
are getting sufficient response rates?

-- 
        Viktor.

<Prev in Thread]	Current Thread	[Next in Thread>
Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), (continued) Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), Viktor Dukhovni not really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), t.p. Re: not really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), Viktor Dukhovni Re: not really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), ned+ietf Re: not really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), Dave Crocker Re: not really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), ned+ietf Re: not really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), Dave Crocker Re: not really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), Viktor Dukhovni Re: not really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), Douglas Otis Re: not really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), John Levine Re: not really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), Viktor Dukhovni <= Re: not really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), Niels Dettenbach (Syndicat IT&Internet) Re: not really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), Scott Kitterman Re: not really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), Dave Crocker Re: not really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), Scott Kitterman Re: not really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), Hector Santos Re: not really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), t.p. Re: really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), Alessandro Vesely RE: not really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), Christian Huitema Re: not really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), John Levine Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc), John Levine

Re: not really to do with Re: WG Review: Domain-based Message Authentication, Reporting & Conformance (dmarc)