top | item 23354520

(no title)

BGZq7 | 5 years ago

> If they use a reputable bulk mailing service instead of using their first-party domain then they are indistinguishable from a phishing attack.

With most bulk mailing services, the message will come from the "first-party domain". They will have configured that service as a legitimate sender for the domain via SPF/DKIM DNS records.

discuss

inetknght|5 years ago

> With most bulk mailing services, the message will come from the "first-party domain". They will have configured that service as a legitimate sender for the domain via SPF/DKIM DNS records.

It's not just the from:marketing@firstparty.com that I'm talking about. If the unsubscribe link does not also go to firstparty.com, then it's still indistinguishable from phishing.