Re: [exim] Anti Phishing ACL

Author: Rick Cooper
Date:  
To: 'Exim Users List'
Subject: Re: [exim] Anti Phishing ACL


> -----Original Message-----
> From: exim-users-bounces@???
> [mailto:exim-users-bounces@exim.org] On Behalf Of Jeroen van Aart
> Sent: Thursday, October 30, 2008 2:31 PM
> To: Exim Users List
> Subject: Re: [exim] Anti Phishing ACL
>
> neil wrote:
> > I have tried in the past to contact banks and ask about SPF, DKIM etc,
> > but I have had no reply.
>
> Rightfully so. I wouldn't trust a bank who'd just comply to the whims of
> an individual emailing them about this or that random questionable feature.
>
> > Yes I know that SPF etc breaks stuff <cue furious debate about
> > forwarding>, but I would have thought that in the few cases where people
> > set up deliberate forwarding they could whitelist, versus the millions
> > of phishing mails sent each day.
>
> Do you honestly believe that SPF or whatever is the newest fancy useless
> feature will prevent phishing even a tiny bit? I don't. SPF doesn't just
> break forwarding but can actually promote spam and spammers appear to
> have adopted it quickly:
> http://www.theregister.co.uk/2004/09/03/email_authentication_spam/
>


One should not accept a message because SPF is passed, but one should surely
reject a message if SPF says fail. It would obviously not deter all phishing;
however, if one wanted to pursue a phishing site, the very fact that their SPF
records pass that host means the domain owner has accepted responsibility
for the email. But one thing SPF/DKIM/etc. should help with is joe-jobs.
Nothing bugs me more than getting a bunch of back-scatter when my SPF record
states exactly what hosts are allowed to send mail for my domain(s) and hard
fails all others (or DKIM not used/invalid) and the email in question obviously
came from a Comcast host.

Rick
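
The policy described in the message above (reject on SPF fail, grant nothing for SPF pass), as an added example that is not part of the original post. It evaluates only the `ip4`, `ip6` and `all` mechanisms of an SPF record; the record, the addresses (documentation ranges) and the function names are constructed for illustration.

```python
import ipaddress

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

# Constructed sample: a domain that lists its senders and hard-fails the rest.
SAMPLE_RECORD = "v=spf1 ip4:192.0.2.0/28 ip6:2001:db8::/48 -all"


def spf_result(record, client_ip):
    """Evaluate a subset of SPF (RFC 7208): ip4, ip6 and all only."""
    ip = ipaddress.ip_address(client_ip)
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    for term in terms[1:]:
        qualifier = "+"  # a mechanism without a qualifier means pass
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, value = term.partition(":")
        name = name.lower()
        if name == "all":
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(value, strict=False)
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier]
            continue
        # a, mx, include, redirect etc. need DNS lookups: out of scope here.
        raise NotImplementedError(f"term not handled in this example: {name}")
    return "neutral"  # nothing matched and the record has no "all"


def receiver_action(result):
    """fail is refused; pass earns no trust and the message is still checked."""
    if result == "fail":
        # Refusing inside the SMTP session means no bounce is generated
        # later, so the forged sender receives no back-scatter.
        return "reject"
    return "continue-checks"  # pass, softfail, neutral, none


if __name__ == "__main__":
    for host in ("192.0.2.5", "2001:db8::1", "198.51.100.7"):
        result = spf_result(SAMPLE_RECORD, host)
        print(host, result, receiver_action(result))
```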

