[ietf-dkim] SSP = FAILURE
John Levine
johnl at iecc.com
Sat Sep 9 10:26:37 PDT 2006
>The best way to help end-users avoid getting phished it to not accept
>phishing messages for delivery. DKIM-SSP where strict policy
>statements are published offer a mechanism for this.
I get a message from security at ebay-verify.com. It has a valid
signature. I check the SSP for ebay-verify.com, which says "MAJOR
PHISHING TARGET, ACCEPT ONLY WITH SIGNATURE." So I drop it into the
recipient's mailbox with a gold star on it.
What have we just accomplished?
R's,
John
More information about the ietf-dkim
mailing list