14 Apr
2026
14 Apr
'26
7:40 p.m.
On Tue, Apr 14, 2026 at 2:03 PM Rich Kulawiec via NANOG <nanog@lists.nanog.org> wrote:
It's time to recognize that all these email anti-forgery technologies are not just worthless security theater; they're *worse* than worthless because they certify as authentic messages that are increasingly NOT authentic.
I don't disagree with you, mostly... but, what's the solution here? Better heuristics at the receiver (either the leaf or the end-mTA) that classifies/etc spam/ham better? (this feels like the thing we've been doing for ~25+yrs already) Learning to live with spam in your inbox and better surfacing that fact to the end user in the MUA? (this also feels like a thing that's been happening for ~25 yrs) Other things?