On 6/2/2020 5:45 PM, Seth Blank wrote:
There's a lot of clear and generally consistent data that shows From: header field spoofing leads to outsized impact on end users.
Odd that I've never seen it. Odd that it didn't surface during the literature search that was done when BIMI was started.
Again: Please point to work that is specific to this issue and, just in case it is part of a larger tome, please point to the specific place in the document that is relevant to this issue.
However, if by "credible" you mean peer reviewed and not presented by someone with something to sell in preventing the problem, that may be missing (although, it only tends to be systems with a part to play in preventing abuse that are even capable of seeing and distinguishing the issues) and could be an interesting independent study to run.
People with something to sell often do serious research. And they often document it. But this is quite different from marketing literature or hallway discussion. I'm asking to see the research writeups. (I made that plural since you are so firm in saying there is lots of supporting research.)
d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
