[dmarc-discuss] On Inbound DMARC Support

Steve Atkins steve at wordtothewise.com
Thu Jun 19 17:23:12 PDT 2014


On Jun 19, 2014, at 4:56 PM, Steven M Jones via dmarc-discuss <dmarc-discuss at dmarc.org> wrote:

> On 06/19/2014 08:22 AM, John Levine via dmarc-discuss wrote:
>> 
>>> But if it can help put any dent whatsoever in the endless stream of
>>> corporate data breaches, for example, I think it's a net benefit for
>>> consumers.
>>> 
> 
> Before I continue: No, DMARC is not designed to prevent data breaches, and will not eliminate all data breaches - any more than it will eliminate all phishing. And the above does not claim it will do so.
> 
> However DMARC can help remediate a vector commonly used to initiate an intrusion against corporate networks,

I suspect you mean mitigate (although remediate does actually fit rather well).

You can't make that bald statement without expecting someone to ask for some evidence of it being useful for that purpose, though. (It's fairly clear to me, for instance, that it's not true - so it's be useful to provide a plausible line of reasoning for it being so; one that'll stand up to discussion).

> and recent data breaches have shown phishing was a key step leading to the theft of consumer data.

Yup.

Cheers,
  Steve




More information about the dmarc-discuss mailing list