Re: [exim] Anti Phishing Trick

Top Page
Delete this message
Reply to this message
Author: David Woodhouse
Date:  
To: Marilyn Davis
CC: exim-users, Nigel Metheringham
Subject: Re: [exim] Anti Phishing Trick
On Wed, 2005-08-24 at 09:30 -0700, Marilyn Davis wrote:
> How about: If there is a To: header that matches the recipient address
> and the message fails SPF, then it's phish, or somebody else's mistake
> and ought to be rejected so it can be fixed.
>
> Anyone like that?


Yeah. That's great -- as long as we're not talking about the general
case, as you say. If we're only talking about Phish, it's fine. It's
only when you apply it in general to all incoming mail that it starts
throwing away valid mail.

Actually, if we know we're only talking about Phish, we could go one
better -- we could just reject it all.

Except of course that we have to have some way of telling it apart from
genuine mail, in the general case.

Can we talk about the general case now?

--
dwmw2