Cousin domains

When I checked in on Facebook this morning there was a discussion from a couple people frustrated by cousin domains. I share their frustration.

Kitten running through field with text “every time a marketing department registers a cousin domain, god kills a kitten”

Cousin domains are a major problem for ISPs trying to protect their users from phishing and other fraud. Because so many companies use cousin domains in their legitimate mail, ISPs can not be strict with them. Instead, they have to expend time and energy to determine if this particular cousin domain is legitimate or not.

It’s time, energy and other resources that could be used better.


Related Posts

What SPF records should you publish?

When it comes to SPF records there seems to be a lot of confusion. I mean, a decade after I posted it Authenticating SPF is still the most frequently visited post on the site. And, of course, there are hundreds of other pages out there that discuss SPF and what to publish. Still, there are common questions.

Read More

Back from MAAWG

Had an all too short trip to M3AAWG. It was great to see old friends and meet new folks. I have lots to talk about and a poll to get into the field once I get caught up on client work.

While I’m deep in the depths of my inbox, I thought I’d share a bit of insight into the question of new domain vs. subdomain that often comes up.

Read More

People are the weakest link

All of the technical security in the world won’t fix the biggest security problem: people. Let’s face it, we are the weakest link. Adding more security doesn’t work, it only causes people to figure out ways to get around the security.

Read More