[dmarc-discuss] MLM and Header-From rewritting - the SMTPopen-relay analogy
fmartin at linkedin.com
Sat Jun 7 10:31:06 PDT 2014
On Jun 7, 2014, at 5:26 PM, Dave Crocker via dmarc-discuss <dmarc-discuss at dmarc.org> wrote:
> On 6/7/2014 5:15 PM, Scott Kitterman via dmarc-discuss wrote:
>> Maybe I lost context, but I thought the claim that was being disputed and
>> needed assessment was if p=reject was affecting the rate of phishing attempts.
>> It would seem to me that for that question, a comparison of before/after
>> p=reject data would yield some interesting information.
> ahh. ok. sort of.
> That does get at attempts via the protected path, namely rfc5322.from
> field domain.
> However it doesn't permit measuring other aveneues of attack spoofing
> the dmarc-using organization.
> A claim that attackers will use work-arounds creates a desire for
> measuring use of work-arounds...
But the claim is that these workarounds will mainly happen after you do DMARC p=reject. This data is coming in a not too distant future now.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
More information about the dmarc-discuss