Failing to deliver mail == A-OK!
| Friday, October 5th, 2007 | --Sean |
In this blog, we generally write about cool things that Yahoo! does. This is the opposite -- a thing that we're not doing, which ends up being cool. Yup, being lazy has never been so handy!
No, seriously, a lot of work went into this, really. *grin* Yahoo! Mail has been integrating Domain Keys -- a method of verifying that email is coming from where it says it's coming from, essentially -- into our mail product for quite some time, which makes sense given that we helped to develop some of the first specifications for the system. It's hard to actually stop phishing by just displaying whether an email is Domain Keys signed, though, because who would remember to always check (especially considering that a majority of email senders still aren't using the protocol)? But we have taken a very concrete step forward by working with eBay and PayPal to block unsigned emails that are supposedly originating from their domains (more coverage here). Instead of putting the burden on our mail users to sort out whether the emails are legitimate or not, we can simply keep them from even seeing the emails that we know are fraudulent in the first place. Given how many eBay and PayPal phishing scams are out there and how much is materially at stake when your account is compromised, this can only be a good thing.
Somehow, I never get the same response when I want to not do things on my site.
October 8th, 2007 at 10:36 am
Thank you!
The last few ebay/paypal experiences have been a real pain due to the load of phishing attacks. This will save me some headaches.