[dmarc-discuss] MLM and Header-From rewritting - the SMTPopen-relay analogy
dhc at dcrocker.net
Sat Jun 7 06:35:09 PDT 2014
On 6/7/2014 3:24 PM, Larry Finch via dmarc-discuss wrote:
> Except, as I and others have discovered in the past few days, DMARC does
> NOT make email "so much more secure,” as phishers and spammers have
> already found workarounds to continue their assault. So all DMARC has
> accomplished is to inconvenience large, distributed communities of
> legitimate mail forwarders such as mailing lists with no long term benefit.
I hope there was nothing in my note that seemed to comment on dmarc
efficacy, one way or the other. I was trying only to comment on the
differences in the nature of open-relay vs. dmarc analysis.
The question of dmarc work-arounds raises the basic question of
short-term vs. long-term.
The paradigm change being imposed is a long-term effect. If, in fact,
the benefits are really only short-term, that's an extremely expensive
cost for a brief improvement.
Arguably, the mechanisms being put in place to make mailing list
participation work for authors of p=reject dmarc domains essentially
provide a road-map for abusers to follow. That would, indeed, seem to
make real dmarc benefits rather short-lived.
More information about the dmarc-discuss