Re: [exim] Anti Phishing Trick

On Wed, 24 Aug 2005, Fred Viles wrote:

> But the case of forwarded accounts seems different to me. Whatever
> a site's spam filtering prowess, as a willing user of the system you
> are responsible for what happens to whatever email gets accepted on
> your behalf.

But the "you" in that sentence is not so much the mail admin, as the
individual user, isn't it? For some of these institutions, I
personally fit both descriptions, since I'm not only involved in
administering the mail server here, but I also need an account at the
remote research institution (and I find it convenient to forward its
email from there to here, as do a proportion of other users).
Whereas for some other institutions, I personally have no account
there, although some of our users do.

In the discussion here, I was speaking primarily as a mail admin, but
you've now shifted somewhat, and seem to be talking about an
individual user of a remote account of this kind.

> The fact that you (the user) are choosing to auto-forward to another
> site doesn't change that.
>
> Shades of grey...

Indeed. And our users (including ones senior to me, whose directions
I would do well to follow) are not slow to complain if forwarded spam
gets through our defences here and reaches their inbox. They expect
the mail admins to sort this out for them - they don't expect to have
to do their own individual anti-spam filtering on top of that. For
direct mail, this works pretty well, but, as this discussion has
shown, for forwarded mail it's less satisfactory. I don't have a good
solution.

best regards