alt Hacker News> how do you "be careful" with spoofed email?
You actually verify DKIM and SPF—you know, that “dmarc stuff”. That’s enough to tell you the mail is not spoofed.
> how do you "be careful" with spoofed email?
You actually verify DKIM and SPF—you know, that “dmarc stuff”. That’s enough to tell you the mail is not spoofed.
Oh god. Tell me you've never dealt with those in real life without telling me lol
Usually the very best you can do IRL is "probably fine" or "maybe not fine" and that's just not good enough to justify blocking customers. Email is an old tech and there's a lot of variation in the wild.