Hello there, first of all: Excellent read, great PoC! Very informative.
I decided to test how the domain name interacts with emails and will post my results below:
(By "Nickname" I am referring to the "Name" you could select, in this example it would be "firstname.lastname@example.org", the supposed email of the actual domain owner.)
- Preview shows the "Nickname" eg: email@example.com (non-unicode, the 'actual owner' of the domain)
- Actual mail shows the "Nickname" and the Unicode email eg: firstname.lastname@example.orgʀ.com (unicode)
- Preview shows the "Nickname"
- Actual mail shows the "Nickname" and the translated email eg: email@example.com
-Preview shows the "Nickname"
- Actual mail shows the "Nickname", when you press "Show details" it displays the translated mail eg: firstname.lastname@example.org
- http://i.imguʀ.com actually displays the url correctly, you can even click on it directly
- The URL displays correctly, and when your unicode domain, redirects to the original domain in the DNS records, the preview lists the preview of the original domain
(When the DNS records do not redirect to the original site, it displays the spoofed preview, for example the i.imguʀ.com preview, displays pry0cc's preview page)
Edit: Added Discord results.
(I hope I wasn't too confusing, if anything is unclear, feel free to ask me for more info!)