MH Michael Hammer (5304) writes:

> One that comes to mind immediately is compromise existing list(s)
> (MLM) used by target audience and then modify posts as desired. It
> may be that the modification would be for only one or a few
> recipients.

This has nothing to do with the registration issue. It's about the delegation protocols themselves.

That said, sure -- that's an obvious threat for the delegation protocols, and it applies to other registration schemes, including "manual" ones like Otis's tpa-labels, too.

But is it worth the spammer's while? First, note that we're assuming the spammers really want to send "from" p=reject Author Domains. Otherwise, why bother with suborning the mailing lists? If you can send apparently-from a p=none domain, delegation simply doesn't matter, because even DMARC itself doesn't come into play. I suppose one reason is that they have contact lists from the Author Domains in question. Are these still effective?

Next, there is a small number of lists (60,000 or so).[1] What is the probability that you get a "large" intersection of contact lists with subscriber lists? Spammers think in terms of "shots" of *millions*; they need to be able to put out 20 recipients per list even if they compromise *all* of those lists, just to make their first million. Of course, maybe they just want to broadcast to the whole list "from" a p=reject domain address, but that makes the campaign all the more obvious.

Is all that really worth it to a spammer, given that such a campaign would be noticed quickly, and delegation authority withdrawn from the Author Domains' MTAs?

It all comes down to how p=reject Author Domains perceive the risk of abuse vs. the benefit to their mailbox users of being able to post to mailing lists without having their posts from-munged or wrapped. I think it's worth laying out the threat models we can think of for them, but in the end they decide.

> I'm sure there are other mechanisms if a little thought is put
> into it.

Of course. As long as email as we know it exists, there will be (and most won't involve Mediators at all!) But the real question is can we lock things down enough to make spamming and phishing unprofitable?

Footnotes:
[1] I suspect that the ones that contain large numbers of p=reject posters are already under attack for this purpose, presumably unsuccessfully.