[ietf-dkim] Are lookalike domains like parent domains?

[Arvel Hathcock]

>> Assume, say, one million people who regularly receive valid emails
>> from their bank (info at accounts.bigbank.com). If they received an email
>> from info at mail.account.bigbank.com, how many of them would believe the
>> email is really from the bank?

I assure you, lots.  Through liberal use of sub-domains via email and 
web sites end users have been trained to ignore the sub-domain part 
(since it frequently changes) and to focus on the "root domain" part 
(which is constant and they either trust or don't trust).

> Well, now we have another question -- who's going to be using ADSP, mail 
> system operators or end users?  It's always been my impression that the 
> main audience is MTA operators, who will use it in filtering decisions.

MTA operators will be using/deploying ADSP.  End-users are the intended 
beneficiary (as is the case with _all_ filtering systems).  The 
motivation driving MTA operators to deploy ADSP is end-user protection.

> If it's for end users, my experience says that they are equally likely to 
> be fooled by info at accounts-bigbank.com, which would suggest we've been 
> wasting our time.

I agree with the first part of what you've said but the second part does 
not follow logically.  One can not claim that because we fail to protect 
a user completely we therefore aren't able to provide any protection at 
all and have thus wasted our time.  ADSP isn't attempting to solve the 
accounts-bigbank.com problem.  But it does solve the foo.bigbank.com 
problem.  This is wonderful news and a welcome step forward.

Arvel