There is at least for Gmail: Gmail will authenticate the sender of the email and display a “signed by/mailed by” like in the header if it passes those checks. This then becomes one factor used to identify and handle potential spam messages.

There is at least for Gmail: Gmail will authenticate the sender of the email and display a “signed by/mailed by” like in the header if it passes those checks. This then becomes one factor used to identify and handle potential spam messages.

In order for a system like that to work there needs to be a central authenticator. If there’s a central authenticator it’s going to be a for profit corp behind it. If it’s a corp then it’s going to show favoritism to its “trusted validated” companies. And that’s how you get threats to net neutrality. Does not having the trusted symbol mean you’re untrustworthy? Are smaller companies now at a disadvantage because they aren’t trusted?

There are also some companies I’ve had accounts with that will use a code word or phrase that they will always include in an email to you. That at least makes bad spoof jobs completely obvious, since they wouldn’t have that part on there.

There is at least for Gmail: Gmail will authenticate the sender of the email and display a “signed by/mailed by” like in the header if it passes those checks. This then becomes one factor used to identify and handle potential spam messages.

In order for a system like that to work there needs to be a central authenticator. If there’s a central authenticator it’s going to be a for profit corp behind it. If it’s a corp then it’s going to show favoritism to its “trusted validated” companies. And that’s how you get threats to net neutrality. Does not having the trusted symbol mean you’re untrustworthy? Are smaller companies now at a disadvantage because they aren’t trusted?

In order for a system like that to work there needs to be a central authenticator. If there’s a central authenticator it’s going to be a for profit corp behind it. If it’s a corp then it’s going to show favoritism to its “trusted validated” companies. And that’s how you get threats to net neutrality. Does not having the trusted symbol mean you’re untrustworthy? Are smaller companies now at a disadvantage because they aren’t trusted?

There is. The primary problem is that people don’t always take time to actually look.

Each domain, like example.com can “blue check” their outgoing emails. Many mail servers will even reject incoming mail that doesn’t have the “verified check mark”.

The problem is that humans see an email, with the “blue check” from instascam.com saying their instantgram account is locked, click the link to instascam, their browsers loads the instascam webpage that they then enter their credentials into.

More details on how sent emails are verified. https://www.cloudflare.com/learning/email-security/dmarc-dkim-spf/

There are also some companies I’ve had accounts with that will use a code word or phrase that they will always include in an email to you. That at least makes bad spoof jobs completely obvious, since they wouldn’t have that part on there.

There are also some companies I’ve had accounts with that will use a code word or phrase that they will always include in an email to you. That at least makes bad spoof jobs completely obvious, since they wouldn’t have that part on there.