Re: [exim] Anti Phishing Trick

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Steve Lamb
Data:  
Para: exim-users
Asunto: Re: [exim] Anti Phishing Trick
David Woodhouse wrote:
> So no, even for the individual with their own private mail server it
> doesn't really work that well for rejecting false mail. And when you
> start trying to apply it to recipient domains with a large number of
> users, each of whom may have different forwarding arrangements, it's
> basically impossible.


    Nope.


    Bayes + SpamAssassing for the win.


    Sorry, but SPF and RBLs are in the same boat.  Anyone who argues against
them is an idiot.  On the other side anyone who blindly rejects based solely
on them is also an idiot.


    But I'll be damned if adding SPF checks in to toss a header into the
message would result in another data point for the bayes engine in
SpamAssassin to do it's magic.  Same thing for the RBLs.  So now instead of
"Mail from a listed MX is valid" and "Mail from a non-listed MX is invalid" we
get "Mail from a listed MX is *likely* valid" and "Mail from a non-listed MX
is *likely* invalid".  With that in the first case if there is a preponderance
of evidence that the mail isn't valid it's still bounced.  At the same time in
the latter case if there is sufficient evidence that the mail is legitimate it
gets passed.


    So if he gets it right today and his Bayes knows about it when something
changes tomorrow...  OMG IT DOESN'T BREAK!


    So please, tone down the hysterics and get some rationality in your diet.


-- 
         Steve C. Lamb         | I'm your priest, I'm your shrink, I'm your
       PGP Key: 8B6E99C5       | main connection to the switchboard of souls.
-------------------------------+---------------------------------------------