Here's an anti phishing trick I came up with. The idea is that major
corps will have received lines that match the domain in the from
address. Paypal email must come from paypal servers. This is driven from
a list of institutions to test. Feedback appreciated.
# Verify large institutions to prevent phishing - paypal - ebay - banks
drop message = REJECTED - Sender domain does not match received
hosts! $h_From:
senders = *@dbm;/etc/exim/run/verifylist.db
!condition = ${if
match{$h_Received:}{(?i)$sender_address_domain}{true}{false}}
Here's my initial list:
2checkout.com
2co.com
amazon.com
banknorth.com
bankofamerica.com
bankofoklahoma.com
bankofthewest.com
barclays.co.uk
capitalone.com
charteronebank.com
charterone.com
citibank.com
citizensbank.com
commercebank.com
ebay.com
e-gold.com
fleetbank.com
hsbc.co.uk
huntington.com
keybank.com
lasallebank.com
lloydstsb.co.uk
mbna.com
paypal.com
regionsbank.com
southtrust.com
suntrust.com
tcfbank.com
unionplanters.com
usbank.com
visa.com
wamu.com
wellsfargo.com
--
Marc Perkel - marc@???
Spam Filter: http://www.junkemailfilter.com
My Blog: http://marc.perkel.com