Author: Marilyn Davis Date: To: exim-users Subject: Re: [exim] Anti Phishing Trick
On Wed, 31 Aug 2005, Marc Sherman wrote:
> Marilyn Davis wrote:
> >
> > Yes. Another point, however, is that, for your bank, you might want
> > to give (just) them your unforwarded email address, or an address
> > that forwards from a system does rely on SPF, ... or you'll get phish
> > unless it is caught via some other mechanism. It's something to
> > suggest to customers who get phish forwarded to them.
> >
> > So, unless someone has something specific to and technically valid
> > against these particular observations, SPF seems useful enough to not
> > deserve the treatment it gets here.
>
> I haven't analyzed your new proposal in detail yet, so I can't comment
> specifically on it's merits. I just want to point out that you (and to
> a lesser extent, Steve Lamb) are doing the same thing here that you did
> when we had the long thread on C/R systems earlier this year; you're
> innovating a new technique based partially on an old, discredited one,
> and then using your new technique to argue the merits of the old one.
Thank you. I'll try to be more careful about that.