> On 10 Oct 2025, at 14:06, Michael Orlitzky via mailop <[email protected]> > wrote: > > On 2025-10-10 09:50:40, Tim Bray via mailop wrote: >> Hi, >> >> I've been wondering about how email clients could change to make >> phishing less effective. >> >> 1) Display the email address not the name in your email folders > > Going one step further: display only verified email addresses. If the > email address itself is forged, preferring it over the friendly name > isn't much of an improvement. With DKIM this is straightforward, but > if we are going to allow SPF to pass DMARC, then we need to display > the email address that was verified by SPF and not the one in the > "From" header. (Though most of DMARC becomes moot if you have the > courage to display unverified addresses as From: Unverified.)
Who is going to verify the addresses? Did it ever occur to you that some folks don’t want major tech companies not to have any more information about us? That collecting “verified” addresses makes the organization doing the verification an even bigger target for hackers. https://www.bbc.com/news/articles/c8jmzd972leo Let’s stop insisting people hand over data that can be used against them to organizations that have proven they are unable to protect personal info for shit. laura -- The Delivery Expert Laura Atkins Word to the Wise [email protected] Delivery hints and commentary: http://www.wordtothewise.com/blog
_______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
