On Tue, Apr 29, 2014 at 10:11 PM, Mark Sapiro <m...@msapiro.net> wrote:
> And think about it. If it were based on the presence of various headers,
> how long do you think it would take the black hats to figure out what
> they were and just put those headers into their phishing mails?

:-) If not that, then the black hats could/would/did just add
DKIM+SPF+DMARC to their own yaaho.com, yahho.com, yahooo.com, etc.
domains. After all, Granny Smith never looks at the domain, she just
looks at From: "Flower of the Month Club" (which is likely long enough
to push the <flowerofthemo...@yahooo.com> right off the right side of
the header field).

In 2 years people will be wondering how DMARC did hardly anything to
slow miscreants, just like some wondered why SPF, DKIM, PGP, SenderID,
etc. didn't solve all of mankind's problems.

-Jim P.
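
The point raised in this message, that a lookalike domain can pass SPF, DKIM and DMARC while a long display name hides the address, sketched as a receiver-side check. This is an added example, not part of the original message or of Mailman; the protected-domain list, thresholds, function names and sample headers are constructed assumptions.

```python
from email.utils import parseaddr

# Domains the receiver wants to protect (assumption for this example).
PROTECTED = {"yahoo.com"}

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]

def review_from(from_header, dmarc_pass, max_distance=2, visible_chars=32):
    """Return warnings for one From: header.

    dmarc_pass is the receiver's own DMARC verdict, supplied by the caller.
    visible_chars is an assumed width of the From column in a mail client.
    """
    display, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()
    warnings = []
    for brand in sorted(PROTECTED):
        dist = edit_distance(domain, brand)
        if 0 < dist <= max_distance:
            note = "%s resembles %s (distance %d)" % (domain, brand, dist)
            if dmarc_pass:
                # A pass proves control of the lookalike, not of the brand.
                note += "; DMARC pass only authenticates " + domain
            warnings.append(note)
    # Where does the domain start once the client renders the header?
    rendered = '"%s" <%s>' % (display, addr) if display else addr
    if "@" in rendered and rendered.index("@") + 1 >= visible_chars:
        warnings.append("display name pushes the domain past column %d"
                        % visible_chars)
    return warnings

if __name__ == "__main__":
    # Constructed sample headers; the local parts are made up.
    for hdr in ('"Flower of the Month Club" <offers@yahooo.com>',
                '"Jim" <jim@yahoo.com>'):
        print(hdr, "->", review_from(hdr, dmarc_pass=True))
```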
------------------------------------------------------
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users