[At-Large] IDN Variants in the market place

bzs at theworld.com bzs at theworld.com
Tue Jul 24 18:44:50 UTC 2018 

On July 23, 2018 at 13:41 ocl at gih.com (Olivier MJ Crépin-Leblond) wrote:
 > Dear Barry,
 > 
 > On 21/07/2018 04:47, bzs at theworld.com wrote:
 > 
 >     And the speaker said: Reputational services! They are being developed
 >     and will augment this protocol to solve exactly that problem.
 > 
 >     2003.
 > 
 >     Do you see any reputational services? I don't.
 > 
 >     Or not beyond some singular efforts where a search engine tries to
 >     flag a link as potentially malicious.
 > 
 > 
 > There is a lot of added software coming from the likes of Symantec & others
 > that perform reputational services, only you don't see it because all the spam
 > that they filter out is essentially not seen by the end user. Same for all of
 > the blacklists like SpamCop etc. That's DNS reputational services for you. You
 > can go as far as actually not really knowing what these people do and
 > sub-contracting your email handling to the Microsoft Cloud or Google/Gmail, or
 > other hosted spam filtering services.

That's a good point though it has evolved to be more of a binary
choice, good or bad.

>From his remarks I was expecting something more like a credit score.

Spamassassin tries to divine that via various methods, including
optionally such lists, but by default just features of the email
itself such as does it contain "invisible" text (white text on white
background) probably intended to deceive Bayes filters or similar,

>From this it develops a scoring and one can accept/reject/flag based
on that score.

 > 
 > BTW am I the only person who is still amazed at how many companies including
 > banks neither use DKIM nor TLS for their emails?

Amazed? Maybe I'm more cynical.

Many probably view this as potentially rendering their precious email
pitches undeliverable to many.

Barely on topic but I will continue my prediction that "Spam-II The
Next Generation" will involve sources you have had some legitimate
contact with but now you're being inundated from them and hundreds
like them.

For example I just got a legitimate email from my landline provider
(yeah yeah) that I Must Pay My Bill Today Or Else! Some inspection
revealed it's not due for about 3 weeks...but hey, why not?, email is
just about free, dialing for dollars!, prey on the easily frightened.

I'm just thankful they don't send a message like that hourly tho there
are some vendors I've bought from who do send some sort of pitch
nearly hourly, certainly several times per day, every day.

Yes they're more easily automatically filtered than bad actors but is
one really going to filter out their utility companies? Or how much
work should one do to separate their wheat from their chaff?

-- 
        -Barry Shein

Software Tool & Die    | bzs at TheWorld.com             | http://www.TheWorld.com
Purveyors to the Trade | Voice: +1 617-STD-WRLD       | 800-THE-WRLD
The World: Since 1989  | A Public Information Utility | *oo*

More information about the At-Large mailing list