> > > > I'm going to have to disagree with you John. DMARC is about preventing > > direct domain abuse. It does not specifically address phishing as the bad > > guys can simply use cousin domains, homoglyphs, etc. > > Well, it's abount a subset of phishing. It's surely more about phishing > than about spam.
IMHO, by cutting out direct domain spoofing, DMARC makes it easier for receivers to craft algorithms that spot impersonation attacks. Once you have configured DMARC, receivers can build - for example - a machine learning system that learns what your legitimate email looks like. They can use that same system to identify messages that look like your legitimate email but which do not actually originate from your domain. If you want to detect domain impersonation or "brand" impersonation, you first have to have a verifiable ground truth corpus. That is what DMARC offers. Regards, Ken
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
