On Mon, Aug 15, 2016 at 11:31:16AM +0200, Alessandro Vesely wrote:
On Mon 15/Aug/2016 03:22:08 +0200 John Levine wrote:
My form is marissa(_at_)yahoo(_dot_)com(_dot_)dmarc(_dot_)fail, but if
wildcard MX records
are scary, it could be
marissa-yahoo(_dot_)com(_at_)fwd(_dot_)ietf(_dot_)org. Having done
this before, I know it's not terribly hard, and I'd be happy to help
make it work.
Marissa(_at_)yahoo(_dot_)com(_dot_)MANUALLY(_dot_)REMOVE(_dot_)THE.TRAILING.PARTS
would involve even
less work and worries. IMHO, it is not so much its forcing recipients
to refurbish their wit in order to discern phishes, as its rendering the
From: field meaningless, which troubles this workaround's viability.
From what John has said, he's actually made the from field work:
% dig -t mx dmarc.fail +nocomments
; <<>> DiG 9.10.3-P4-Debian <<>> -t mx dmarc.fail +nocomments
;; global options: +cmd
;dmarc.fail. IN MX
dmarc.fail. 3599 IN MX 20
mail1.iecc.com.
;; Query time: 188 msec
;; SERVER: 192.168.86.1#53(192.168.86.1)
;; WHEN: Mon Aug 15 08:58:07 EDT 2016
;; MSG SIZE rcvd: 69
I do wonder how he deals with the spam reputation problem of his
forwarding server if too many spammers try to send mail to
marissa(_at_)yahoo(_dot_)com(_dot_)dmarc(_dot_)fail --- I assume he must do a
lot of
anti-spam filtering and is refusing to forward stuff which is spam?
Hopefully he's using a more intelligent spam filter than Gmail is,
though. :-)
https://plus.google.com/+DavidMiller/posts/ifyNptbyxs1
Maybe spammers are starting to use patches as filler? Who knows. :-(
Next thing you know, maybe they'll start using excerpts from I-D's,
and then where will the IETF be?
- Ted