ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: DMARC methods in mailman --- [LEDE-DEV] DMARC related mass bounces / disabled subscriptions (fwd) Jo-Philipp Wich: [LEDE-DEV] DMARC related mass bounces / disabled subscriptions

2016-12-16 14:27:25
from [Theodore Ts'o] [Permanent Link] 
The real problem with all of these schemes is as they make life easier
for the user, it also makes life user for the phishers.  So for
example, if we start adding a mail header field "this is *really* the
sender", or there is a standard way to parse it out of the comments of
the from field, then it will also provide a better user experience and
a better user interface to display that as the summary line of the
e-mail, and in the mail headers that are displayed for the user.

And the moment you do that, the phishers will use that to exploit
stupid uesrs, and then there will be a DMARCv2 that will break that
field, and perhaps, break mailing lists again.  :-(

                                                - Ted
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  The RFC Format docs are now RFCs, Heather Flanagan (RFC Series Editor)
Next by Date:  Re: DMARC methods in mailman --- [LEDE-DEV] DMARC related mass bounces / disabled subscriptions (fwd) Jo-Philipp Wich: [LEDE-DEV] DMARC related mass bounces / disabled subscriptions, Viktor Dukhovni
Previous by Thread:  Re: DMARC methods in mailman --- [LEDE-DEV] DMARC related mass bounces / disabled subscriptions (fwd) Jo-Philipp Wich: [LEDE-DEV] DMARC related mass bounces / disabled subscriptions, Paul Wouters
Next by Thread:  Re: DMARC methods in mailman --- [LEDE-DEV] DMARC related mass bounces / disabled subscriptions (fwd) Jo-Philipp Wich: [LEDE-DEV] DMARC related mass bounces / disabled subscriptions, Viktor Dukhovni
Indexes:  [Date] [Thread] [Top] [All Lists]