> -----Original Message-----
> From: exim-users-bounces@???
> [mailto:exim-users-bounces@exim.org] On Behalf Of Marc Perkel
> Sent: 24 August 2005 03:15
> To: 'Exim-users'
> Subject: [exim] Anti Phishing Trick
>
> Here's an anti phishing trick I came up with. The idea is
> that major corps will have received lines that match the
> domain in the from address. Paypal email must come from
> paypal servers. This is driven from a list of institutions to
> test. Feedback appreciated.
>
Good idea. I've been doing a similar thing with mail from Hotmail and Yahoo
for some time:
deny
condition = ${if match{$sender_host_name}{\N^(.*\.)?hotmail\..+\N}}
! condition = ${if match{$sender_address_domain}{\N^hotmail\..+\N}}
message = Non-Hotmail sender address from Hotmail server.\n\
Please contact postmaster@$domain for further assistance.
deny
condition = ${if match{$sender_address_domain}{\N^hotmail\..+\N}}
! condition = ${if match{$sender_host_name}{\N^(.*\.)?hotmail\..+\N}}
! hosts = +relay_from_hosts
message = 'From' $sender_address_domain does not match 'Received'
headers.\n\
Please contact postmaster@$domain for further assistance.
deny
condition = ${if match{$sender_address_domain}{\N^yahoo\..+\N}}
! condition = ${if match{$sender_host_name}{\N^(.*\.)?yahoo\..+\N}}
! hosts = +relay_from_hosts
message = 'From' $sender_address_domain does not match 'Received'
headers.\n\
Please contact postmaster@$domain for further assistance.
- Mark
