In article <123e18e2-71ab-4946-b886-a12a735aa...@wordtothewise.com> you write:
>There is absolutely nothing stopping a phisher from taking advantage of this.
>In fact, phishers currently do send DMARC verified email where the
>domain in the 5322.from is unrelated to the links in the message or to the
>domain being phished.
>
>This seems to me to be a step along the path of making DMARC irrelevant by
>teaching recipients that mail with a 5322.from address they don’t
>recognize is legitimate email.

We went through this same argument with DKIM 15 years ago, explaining over and over to people who imagined that DKIM was a magic whitelist bullet that a DKIM signature by itself tells you nothing. It's only useful if you know something, good or bad, about the domain. Similarly, DMARC alignment tells you nothing unless you also have a reputation for the domain.

I have trouble imagining why anyone would think it's a good idea to get alignment by using third party domains that recipients don't know.

R's,
John

_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc