Hans-Martin Mosner via mailop skrev den 2025-10-10 12:44:
But then, even if the sender address is <[email protected]> there are very likely enough people who would fall for it even if it was displayed in full.
https is not part of email address, there is no rule it have to match it, sadly, this test could be done in mua so eq dkim signers also make sure only https links is displayed if same domain, often its diffrents
if this is more thitned it would make it harder to make a phish link that works
where is dmarc clients ? :) _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
