On 12 Dec 2022, at 12:11, Evan Burke wrote: > These attacks were very narrowly targeted; the vast majority of DKIM replay > spam this year has been sent to just a few of the largest consumer mailbox > providers. In that context, lack of awareness of the problem is a poor > argument against trying to solve it.
This is interesting and surprised me a bit. I had expected that the senders of the messages being replayed were the large consumer mailbox providers, because it would be easy for spammers to hide in a large crowd and because the reputation of the large mailbox providers is (I expect) fairly bullet-proof just because of their size. Is there anything that you can say about the types of domains whose reputations are suffering as a result of replay attacks? Are they, for example, small consumer mailbox providers, email sending providers, or services that for some reason allow third parties to send (presumably transactional) email through their servers? -Jim _______________________________________________ Ietf-dkim mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf-dkim
