On Saturday, June 6, 2020 4:45:11 PM EDT John Levine wrote: > In article <f312f1cc-4ccc-4510-83e3-4010aecf7...@kitterman.com>, > > Scott Kitterman <skl...@kitterman.com> wrote: > >I think the market has spoken on the utility of DMARC. > > There's no question that it was highly successful at Yahoo and AOL > after they let crooks steal their address books at reducing the amount > of spam their users received that forged addresses in those stolen > address books. Of course, if you are not Verizon Media, who cares? > > I gather it is also quite effective against phishes that for some > reason put the actual target's domain in the From: address, but > at this point I don't know how common that is relative to phishes > that put it in the From: comment, viz. Jim's question.
I'm not sure how important a question it is. It used to be quite common. If it's not anymore (I don't have access to a current data set big enough to really have an opinion), then I'd suggest that it's because abusers are, at least to some degree, deterred from doing so. If things like DMARC, SPF, and DKIM do nothing more than get abusers to use different domains than they would otherwise, I think that's a win. Unfortunately it's quite difficult to measure the deterrent effect associated with these mechanisms. I would expect that using different domains would make the filtering problem easier to solve, so even if the domain presented to end user doesn't matter (I think it does, but meh), pushing abusive mail to use other domains helps solve the filtering problem. Scott K _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
