On 2024-02-15 02:51:17 (+0800), Gellner, Oliver via mailop wrote:
On 13.02.2024 at 17:05 John Levine via mailop wrote:
It appears that Taavi Eomäe via mailop <ta...@zone.ee> said:
On 13/02/2024 05:16, John Levine via mailop wrote:
Right now if you get a message from Gmail or Yahoo with a valid
DKIM signature, you
can be quite confident that it came from whichever Gmail or Yahoo
user
is in the From header.
That's absolutely not the guarantee provided by DKIM though.
More to the point, whether it's DKIM nor S/MIME or PGP, bad guys can
and do sign their mail, too.
True, however I never came across a S/MIME- or PGP-signed spam or
phishing message - and we receive a lot of S/MIME emails. I wonder if
others on this list have made different experiences.
I see a fair amount of S/MIME phishing. As John points out: S/MIME is a
very regional thing. As far as I can tell, it's something people in
Europe do a lot and people elsewhere do very rarely.
Having said that: I have seen S/MIME and even PGP signed spear fishing.
The spammers do use DKIM though, but that’s probably only because
they have to or because the service they are using performs this task
automatically anyway.
If the large mailbox providers made S/MIME and/or PGP mandatory, it
wouldn't take very long for automated systems to start doing exactly
that. And I wouldn't be at all surprised if the spammers got their
automation in place before legitimate senders.
Honestly, we're not going to "fix" this problem.
Philip
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
