On Wed, Apr 23, 2025 at 8:13 AM Alessandro Vesely <[email protected]> wrote:
> On Mon 21/Apr/2025 19:29:10 +0200 Allen Robinson wrote: > > I agree that a large number of recipients is not a requirement for > replay > > attacks. Abusers that target many mailboxes tend to get more attention > than > > those that target small numbers (or one) due to their ability to > negatively > > impact a sender's ability to send mail, and so that's the style of > attack that > > gets discussed the most when talking about mitigation or prevention > strategies. > > > While a large number of recipients is not a requirement, a spear-phishing > message addressed to a single recipient can more easily be sent directly > to > that recipient. Unless the spammer needs to hide all traces of contact > with > the victim, that is. > There is less obvious value in replaying messages to a single destination, but IMO it still fits the definition of replay. For the case of a single target, I see some non-zero value in using the technique. Leveraging a reputable domain's signature to achieve delivery of a slightly modified message, for example, would involve some sort of capture+replay. > > Best > Ale > -- > > > > >
_______________________________________________ Ietf-dkim mailing list -- [email protected] To unsubscribe send an email to [email protected]
