Re: [exim] Anti Phishing Trick

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Marilyn Davis
Ημερομηνία:  
Προς: David Woodhouse
Υ/ο: exim-users, Nigel Metheringham
Αντικείμενο: Re: [exim] Anti Phishing Trick
On Wed, 24 Aug 2005, David Woodhouse wrote:

> On Wed, 2005-08-24 at 09:01 -0700, Marilyn Davis wrote:
> > A forwarded message does not have the local_part@domain of the
> > recipient on the To: header.
>
> What makes you think that? It isn't necessarily true in the general
> case. I _often_ receive mail which is To: my primary address and Cc: to
> an address which gets forwarded there somehow.


But, we're not talking about the general case. We're talking about
Phish. Or mail from a legitimate banking institute. Phish tries hard
to look legitimate and puts one address on the To: header. Or at
least the phish I get looks like that.

If you have your bank sending you mail to 2 addresses that get
forwarded together, and makes you susceptible to phish, then you might
want to fix that. Again, it's not my responsibility.

How about: If there is a To: header that matches the recipient address
and the message fails SPF, then it's phish, or somebody else's mistake
and ought to be rejected so it can be fixed.

Anyone like that?

Marilyn