Re: [exim] Anti Phishing Trick

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Marilyn Davis
Dátum:  
Címzett: David Woodhouse
CC: exim-users, Nigel Metheringham
Tárgy: Re: [exim] Anti Phishing Trick
On Wed, 24 Aug 2005, David Woodhouse wrote:

> On Wed, 2005-08-24 at 09:01 -0700, Marilyn Davis wrote:
> > A forwarded message does not have the local_part@domain of the
> > recipient on the To: header.
>
> What makes you think that? It isn't necessarily true in the general
> case. I _often_ receive mail which is To: my primary address and Cc: to
> an address which gets forwarded there somehow.


But, we're not talking about the general case. We're talking about
Phish. Or mail from a legitimate banking institute. Phish tries hard
to look legitimate and puts one address on the To: header. Or at
least the phish I get looks like that.

If you have your bank sending you mail to 2 addresses that get
forwarded together, and makes you susceptible to phish, then you might
want to fix that. Again, it's not my responsibility.

How about: If there is a To: header that matches the recipient address
and the message fails SPF, then it's phish, or somebody else's mistake
and ought to be rejected so it can be fixed.

Anyone like that?

Marilyn