On 3/24/2021 4:54 AM, Ken O'Driscoll wrote:
DMARC is intended to prevent unauthorised use a domain name in the 5322.From header. This header was chosen because it is displayed in MUAs and is the target of spoofing attempts in phishing campaigns.
It was also chosen because it is the only identification field that is always present.
As for display to user, there is no evidence that validating the field has any effect on end-user susceptibility to phishing. It seems natural that it would; however in fact there is evidence that it doesn't. Still, the belief that it does persists.
d/ -- Dave Crocker [email protected] 408.329.0791 Volunteer, Silicon Valley Chapter Information & PLanning Coordinator American Red Cross [email protected]
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
