Dňa 18. októbra 2024 12:09:01 UTC používateľ Jaroslaw Rafa via mailop <mailop@mailop.org> napísal:
>That's the most important point against SPF, DKIM and DMARC. If they don't >stop spam at all, and are quite limited in preventing forged emails (plus >give a lot of trouble with FPs), are they really still worth pushing so >hard? AFAIK, the SPF, DKIM nor DMARC never had SPAM as goal. They all (together or standalone), from my point of vie, did significant drop of simple fake sender usage, in mean, if one's bank implements (properly) them and you will check them, users cannot be foiled by "not...@yourbank.com" from fake sources. And that is not only about From: header, but thanks to SPF, they are forced to not fake MAIL FROM: too (or at least, they are not as free as in past in that). Of course, no one from SPF/DKIM/DMARC will stop to someone will try to send fake mails, but receivers has tool now to identify many of them. And, of course, bad guys will investigate new ways to bypass that, but anyway i see these tools as really useful. I seen that drop on my domain(s) too (and i have no commercial purpose). Some years ago, the backscatter was really common (in mean of amount of "fake" bounces for my addresses). They happens nowadays too, but they are far from common (even not worth to count). I can only guess, that it is caused by more rejecting at SMTP phase rather than accept and then bounce, but the domain becomes less attractive to fake it too. What i see more problematic is forcing senders to use/setup that. OK, i am payed for network/internet related things, thus i have no problem do that for personal server too, but what others with personal domains? IMO, they are forced to setup something what they can not fully understand, and that is prone to misconfiguration or other mistakes... On other side, when i am under some more/less massive mails wave, i see a lot of fake senders (our, .sk) without SPF/DMARC records (while i never check all, only some of them). Regular SPAM (as not phishing, or so) is another story and, as was mentioned already, spammers adopted that. Thus having success SPF, DKIM and/or DMARC is not useful (if it even was) measure anymore, thus using that as argument against is not appropriate. IMO, dificulty to implement it is not argument too, computers and networks are not straighforwad anymore and even simple tasks are complicated, the programs are not sequential, use some form of predictions and assumptions, etc. In other words, they becomes more and more complex, as we want to solve more complex tasks. Complexity, IMO, is not question, in beter case we can ask, if it isn't too complex for particular task, but than easy can be subjective... regards -- Slavko https://www.slavino.sk/ _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
