Re: [exim] Anti Phishing Trick

Top Page
Delete this message
Reply to this message
Author: Marc Sherman
Date:  
To: exim-users
CC: David Woodhouse, Nigel Metheringham
Subject: Re: [exim] Anti Phishing Trick
Marilyn Davis wrote:
>
> My understanding, please correct me, is that The Federation of
> Yorkshire Jelly Wrestlers is responsible for maintaining the right
> info in their SPF record. So if they are sending from a different
> machine, then the failure of their mail to complete is the
> Federation's problem. They *should* realize that their SPF record is
> inaccurate when mail bounces for this reason, and then fix the
> problem.


Your understanding is wrong. :)

The mail originated from some guy on AOL, someguy@???, which does
publish SPF records. It's being sent to nigel_loves_jelly@???.
fyjw.org does not publish SPF, or run any SPF-aware software, because as
we all know, SPF is broken. The nigel_loves_jelly account forwards the
mail on to Nigel's other account, on a machine which _does_ check SPF.
It sees mail supposedly from AOL, but sent by fyjw.org, which is not
listed in AOL's SPF record, so the mail is rejected as a forgery.

- Marc