Matt BlazeJan 21, 2024
Fascinating - iMessage phishing now includes specific instructions to get around iOS Lockdown Mode restrictions.
Show threadMatt BlazeJan 22, 2024

The replies about how people "should" notice the funky URL are distressing. Why should they?

If you expect people to become experts on esoteric naming conventions in order to use technology safely and securely, you're the problem, not them.

Show threadAdam Shostack  Jan 22, 2024
@mattblaze I promise to start paying attention to bizarre domain names the day my banks all stop creating domains like “account-online.com”
Show threadGarrett Wollman
@adamshostack @mattblaze Not to worry, even if they do, they'll still send you emails with some weird-ass third-party click-tracking URLs that have no obvious connection to anything, although you might recognize that your HR department uses the same spamcannon service.
Jan 22, 2024 at 9:45pmWeb
Show threadOobleckJan 22, 2024
@wollman @adamshostack @mattblaze I would be happy if I could get the groups in my org to agree on 2-3 mailcannon services.
Show threadGarrett WollmanJan 22, 2024
@Oobleck @adamshostack @mattblaze Oh, you've run into the length limit on SPF records too?
Show threadChristopher EvansJan 23, 2024

@wollman @Oobleck ticket came in to setup marketing.domain dkim/spf/dmarc records.

And two other groups are putting in records for different spam cannons on the top domain. At least marketing knows to get a subdomain setup. Just a few days left for https://dmarcian.com/yahoo-and-google-dmarc-required/

Understanding Gmail and Yahoo DMARC Requirements - dmarcian

Starting February, 2024, long established email authentication best practices—DMARC, SPF, DKIM—will become a requirement.

dmarcian
Show threadOobleckJan 23, 2024
@becomingwisest @wollman And that subdomain is what I’m pushing to get set up. That link is appreciated! I can use it to help my case.
Show threadChristopher EvansJan 23, 2024

@Oobleck I use the free version of them for my personal domain.

Work kicked off with https://sendgrid.com/en-us/blog/gmail-yahoo-sender-requirements for my group.

Gmail and Yahoo’s New Sender Requirements: A Closer Look

Learn about Gmail and Yahoo!'s new sender requirements and what you should do to become compliant and protect your sending.

Sendgrid