On 12/5/2011 10:58 AM, Monica Chew wrote: > For context, I work at Google on Gmail spam, and one of the things we've > been doing as an anti-phishing measure is enforcing that mail from certain > highly-phished domains must be signed with the DKIM key of the purported > sender. We started this several years ago for just ebay and paypal ( > http://gmailblog.blogspot.com/2008/07/fighting-phishing-with-ebay-and-paypal.html) > and for the last couple of years have been trying to do it for > google.comand a handful of other domains as well. > > A side effect of this has been that mailing-list mailing has been > particularly difficult to classify. We've mostly solved the problem for > groups that we host, but external mailing lists have been a continual > challenge. As a result, many Google employees who want to participate in > standards and open source communities have been unable to (see for example > http://lists.openid.net/pipermail/openid-general/2009-June/018364.html, > where both mail from Google and Facebook employees were not delivered to > openid gmail members) with their standard mailing address.
It seems you could solve this particular problem by allowing gmail users an option (non-default) to receive such mail with a "phish" warning rather than not receiving it at all. -- Mark Sapiro <m...@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan _______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
