John R Levine writes: > For this application I don't see x= as much protection. If a bad guy > subscribes to the list or gets messages via something like gmane, he > can do the mutate and spam in close to real time.
Is this a practical concern, though? The levels of spam etc that drove Yahoo! and AOL to "p=reject" were *huge*, and have persisted (according to Elizabeth Zwicky of Yahoo!) for several weeks after imposition of "p=reject". The "retail" spams you describe are still going to have to run the obstacle course of content filtering, I would suppose, and x= means they have to use substantial resources to continually harvest new signatures. Do-able, of course, but how much of a threat? _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc