Re: [exim] Anti Phishing ACL

Top Page
Delete this message
Reply to this message
Author: Ian Eiloart
Date:  
To: Richard Clayton, neil
CC: exim-users
Subject: Re: [exim] Anti Phishing ACL


--On 30 October 2008 12:31:52 +0000 Richard Clayton
<richard@???> wrote:

>
> In message <4909A321.9010503@???>, neil <neil@???>
> writes
>
>> I've been trying to stop these bank phishing mails.
>
> most anti-spam systems eat them for breakfast


Well, this is an anti-spam system. But, it's more principled than, for
example, content inspection. It should be easy to solve the case of bank
domain spoofing, with political will.

>
>> Rather than trying
>> to get the banks to implement DK, DKIM or SPF so I can check against
>> that, I have the snippet below.
>>
>> I was wondering if this is of any use to anyone else or if it could be
>> made better.
>
> this all rather depends whether your users forward bank email from
> somewhere else to you; and indeed whether you believe that the banks
> will tell you when they change email sending architecture...
>
>> I've checked the list and cant see anything similar.
>
> ... I expect people most people let their spam filters deal with
> phishing (and of course their generic anti-spam systems -- such as
> assessing the reputation of the sender and their HELO).
>
>> cat /usr/exim/banks
>>
>># abbey.co.uk
>># abbeynational.co.uk
>># abbey.com
>> alliance-leicester.co.uk
>> americanexpress.com
>># barclays.com
>> barclays.co.uk
>> egg.com
>> halifax.co.uk
>># hsbc.co.uk
>> hsbc.com
>># lloydstsb.co.uk
>> lloydstsb.com
>># natwest.com
>># natwest.co.uk
>># nwolb.com
>> paypal.com
>> rbs.com
>># rbs.co.uk
>># rbsdigital.com
>># rbsdigital.co.uk
>># sainsburysonline.com
>># ybonline.co.uk
>
> what about these (from my list of recent phishing victims, and there are
> many more banks and building societies than have been attacked):
>
>     Bank of Scotland (UK)
>     Barclaycard (UK)
>     Birmingham Midshires (UK)
>     Bradford & Bingley (UK)
>     Cahoot (UK)
>     Cater Allen (UK)
>     CitiBank (UK)
>     Clydesdale (UK)
>     Co-operative Bank (UK)
>     Coutts (UK)
>     Coventry BS (UK)
>     First Direct (UK)
>     HM Revenue & Customs (UK)
>     Intelligent Finance (UK)
>     MBNA Europe (UK)
>     Nationwide (UK)
>     Norwich & Peterborough BS (UK)
>     O2 (UK)
>     Scottish Widows (UK)
>     Smile (UK)
>     Tesco (UK)
>     Ulster Bank (UK)
>     Woolwich (UK)
>     Yorkshire Bank (UK)

>
> - --
> richard                                              Richard Clayton

>
> They that can give up essential liberty to obtain a little temporary
> safety deserve neither liberty nor safety.         Benjamin Franklin

>
>



--
Ian Eiloart
IT Services, University of Sussex
x3148