On 12.07.2023 at 13:58:21 Grant Taylor via mailop wrote:
> 
> IMHO, some -- but not all -- that choose not to publish any
> information to make the recipient's lives any easier are somewhat
> choosing to say "I don't care, I'm not going to lift a finger, and
> you must do all the work, even if it's ten times the work compared
> to if I had given you the smallest amount of data."  --  I try to be
> a better net'itizen than that.  A few people / organizations have
> very specific reasons for not publishing information.

I would say otherwise.

A few people / organizations DO have reason to publish SPF/DKIM/DMARC. These
are the ones who send transactional mail. These - when impersonated - could
cause harm to recipients by e.g. redirecting them to a malicious website.
E.g. said delivery companies, online stores, banks etc.

Most regular consumer email users don't have any reason for this. As Bill
Cole, whom I was replying to, wrote - nobody would try to impersonate you or
me in a phishing campaign for financial gain, because there won't be any.

If I receive mail from an unknown account on Gmail, what does the "pass"
result of SPF/DKIM/DMARC check actually tell me? What benefit does the
fact that the message actually does come from Gmail give me, if Gmail has
millions of users, an unknown (but significant) percentage of them being
malicious?

On the other hand, if I receive a message from someone I know, I can usually
recognize if it's actually written by that person or someone is trying to
impersonate him/her. The style of writing, relevance to actual events that
we are both concerned about and behavioral patterns (the time when the email
is sent, the correlation between topic and length of the message etc.) are
factors that we all intuitively, subconsciously take into account and are
able to recognize a forgery quite well.

So my opinion is that consumer-oriented email services, especially the big
ones, have in fact little reason to publish SPF/DKIM/DMARC. On the contrary,
corporate domains that are used specifically to send transactional email
have a big reason to do it.

As far as I remember, that was how these characteristics were initially
thought of. Only later did the "email oligarchs" force the attitude that they
should be quasi-mandatory for all.

And to return to the topic, my initial message was not about *not
publishing* SPF/DKIM/DMARC, but about *not checking* them on *incoming*
mail. I still say - I don't do it because I don't need it. I don't remember
a single phishing incident that wasn't at the same time an obvious and
blatant spam, easy to catch by antispam filters. And referring to your
comparison to "800 lb gorilla", if my "800 lb gorilla" does the job well
enough and causes no issues with potential CPU overload on my server, there
is absolutely no need for me to introduce additional "monkeys" that do
(partially) the same job.
-- 
Regards,
   Jaroslaw Rafa
   r...@rafa.eu.org
--
"In a million years, when kids go to school, they're gonna know: once there
was a Hushpuppy, and she lived with her daddy in the Bathtub."
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
