Microsoft’s announcement is “helpful,” notes David Shipley, who runs security awareness training provider Beauceron Security and former director of strategic IT programs at the University of New Brunswick, “but only as long as people have good records and use good records.” . I’m sure big brands like Microsoft will be given the resources to do this, but no doubt all businesses or a small fraction of small and medium firms will do it.”
Many sites still don’t use some of the existing email security practices, he pointed out. For example, only 59% of the top 1 million domains have the old protocol, SPF (sender policy framework), officially configured, he said, citing an article in DMARC Checker. And of the top 1,000, only 77% have the correct basic SPF.
DANE won’t stop phishing, Shipley added, although it “might help concentrate crime.”
Source link