On Fri, Sep 12, 2014 at 09:27:42AM -0400, Theodore Ts'o wrote:

> But unfortunately, once the UI recognizes this case, would we not be
> imposing harm vis-a-vis phishing in particular? And then DMARC Mark
> II (as it were) would have to prohibit the wrapping and require a wrap
> of a wrap, etc.
>
> There's no way of winning this. But if we are going to go down this
> path, it would be useful to discuss what the UI would look at that
> meets the needs of mailing lists, but without potential harm of
> phishing.

Right, there's no way to win against phishing with narrow technical
counter-measures. Phishing is not an attack on vulnerable computer
systems that follow rigid rules, it is an attack on vulnerable fuzzy
human reasoning about the online world.

Narrow defenses like DMARC don't deter the phishers, but do damage the
email infrastructure. Sometimes more harm is done by over-eager
defenders than by the attackers.

The main effect of DMARC has been that 419 scammers now put the Gmail,
Yahoo, ... email address in "Reply-To:", rather than "From:". Phishers
also find other alternatives:

    Return-Path: <wanewviv@xxxxxxxxxxxxxxxxxxxx>
    Received: from web116.brainhost.com (web116.brainhost.com [64.31.11.114])
        (using unknown with cipher DHE-RSA-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by amnesiac (Postfix) with ESMTPS id 278102AB02B
        for <censored@xxxxxxxxxxx>; Thu, 11 Sep 2014 13:16:11 +0000 (UTC)
    To: censored@xxxxxxxxxxx
    Subject: Update You account PayPal
    From: trami zlal <PayPal@xxxxxxxxxxx>

This phisher did not even bother to use a plausible Display Name. The
pitch in the message payload is by far the most important element of
the attack, the machine-readable "metadata" we protect is not nearly as
significant.

-- 
Viktor.
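The two header-level cues the message above describes (a "Reply-To:" pointing somewhere other than "From:", and a brand name in the display name or local part that is not backed by the domain) are exactly what DMARC's "From:" alignment check does not look at. The following is an added example, not code from the post or from Postfix, that flags those cues on receipt; the sample headers are constructed, modelled on the quoted ones, with the masked "x" domains kept as placeholders.

```python
import email
from email.utils import parseaddr

# Constructed sample modelled on the headers quoted in the post
# (domains are masked placeholders, as in the original).
SAMPLE_PAYPAL = """\
Return-Path: <wanewviv@xxxxxxxxxxxxxxxxxxxx>
To: censored@xxxxxxxxxxx
Subject: Update You account PayPal
From: trami zlal <PayPal@xxxxxxxxxxx>

(message body omitted)
"""

# Constructed sample for the 419 pattern the post mentions: a DMARC-clean
# From: with the scammer's real mailbox moved into Reply-To:.
SAMPLE_419 = """\
From: "Mr. X" <noreply@ourlist.invalid>
Reply-To: mrx419@freemail.invalid
Subject: Urgent business proposal

(message body omitted)
"""

def domain_of(addr):
    """Lowercase domain part of an RFC 5322 address, or '' if absent."""
    _, spec = parseaddr(addr or "")
    return spec.rpartition("@")[2].lower()

def suspicious_headers(raw, brand_words=("paypal",)):
    """Return a list of findings for cues DMARC alignment does not cover."""
    msg = email.message_from_string(raw)
    findings = []
    from_name, from_spec = parseaddr(msg.get("From", ""))
    from_dom = domain_of(msg.get("From"))
    # Reply-To: steering replies to a domain other than the From: domain
    reply_dom = domain_of(msg.get("Reply-To"))
    if reply_dom and reply_dom != from_dom:
        findings.append("reply-to-domain-mismatch")
    # Envelope sender (Return-Path:) from a domain other than From:
    rp_dom = domain_of(msg.get("Return-Path"))
    if rp_dom and rp_dom != from_dom:
        findings.append("return-path-domain-mismatch")
    # Brand word in the display name or local part, but not in the domain
    local = from_spec.rpartition("@")[0].lower()
    for word in brand_words:
        if (word in from_name.lower() or word in local) and word not in from_dom:
            findings.append(f"brand-outside-domain:{word}")
    return findings
```

These are scoring inputs for a filter, not hard reject rules: legitimate mailing lists and ticketing systems also set "Reply-To:" to a different domain.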