Author: David Woodhouse Date: To: Marilyn Davis CC: exim-users, Nigel Metheringham Subject: Re: [exim] Anti Phishing Trick
On Wed, 2005-08-24 at 09:30 -0700, Marilyn Davis wrote: > How about: If there is a To: header that matches the recipient address
> and the message fails SPF, then it's phish, or somebody else's mistake
> and ought to be rejected so it can be fixed.
>
> Anyone like that?
Yeah. That's great -- as long as we're not talking about the general
case, as you say. If we're only talking about Phish, it's fine. It's
only when you apply it in general to all incoming mail that it starts
throwing away valid mail.
Actually, if we know we're only talking about Phish, we could go one
better -- we could just reject it all.
Except of course that we have to have some way of telling it apart from
genuine mail, in the general case.