Hacker News new | ask | show | jobs
by whatevaa 78 days ago
"The user just needs to be careful not to step on a landmine. Exact steps left as an exercise to the reader".

Anybody can send email with all of the dmarc stuff, how do you "be careful" with spoofed email?
1 comments
__david__ 78 days ago
> how do you "be careful" with spoofed email?

You actually verify DKIM and SPF—you know, that “dmarc stuff”. That’s enough to tell you the mail is not spoofed.

link
habinero 78 days ago
Oh god. Tell me you've never dealt with those in real life without telling me lol

Usually the very best you can do IRL is "probably fine" or "maybe not fine" and that's just not good enough to justify blocking customers. Email is an old tech and there's a lot of variation in the wild.

link