[exim] Anti Phishing Trick

Top Page
Delete this message
Reply to this message
Author: Marc Perkel
Date:  
To: 'Exim-users'
Subject: [exim] Anti Phishing Trick
Here's an anti phishing trick I came up with. The idea is that major
corps will have received lines that match the domain in the from
address. Paypal email must come from paypal servers. This is driven from
a list of institutions to test. Feedback appreciated.

# Verify large institutions to prevent phishing - paypal - ebay - banks

drop    message    = REJECTED - Sender domain does not match received 
hosts! $h_From:
    senders = *@dbm;/etc/exim/run/verifylist.db
    !condition = ${if 
match{$h_Received:}{(?i)$sender_address_domain}{true}{false}}


Here's my initial list:

2checkout.com
2co.com
amazon.com
banknorth.com
bankofamerica.com
bankofoklahoma.com
bankofthewest.com
barclays.co.uk
capitalone.com
charteronebank.com
charterone.com
citibank.com
citizensbank.com
commercebank.com
ebay.com
e-gold.com
fleetbank.com
hsbc.co.uk
huntington.com
keybank.com
lasallebank.com
lloydstsb.co.uk
mbna.com
paypal.com
regionsbank.com
southtrust.com
suntrust.com
tcfbank.com
unionplanters.com
usbank.com
visa.com
wamu.com
wellsfargo.com



--
Marc Perkel - marc@???

Spam Filter: http://www.junkemailfilter.com
    My Blog: http://marc.perkel.com