Randolf Richardson, Postmaster via mailop skrev den 2024-01-11 19:52:
I might have missed something, but wouldn't that be a phisher's wet dream?Indeed, and because the BIMI record references a URI to load the logo from, so the scammers (spammers, phishers, malware/virus distributors, etc.) could simply specify a different logo file with a recognized brand to make their bad eMail appear legitimate.
lets hope this is resolved to be same domain as sasl sender, where dkim is pass, bimi have no rule if its just random other domains is valid
hopefully no mistakes there _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
