spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Perkel <m...@perkel.com>
Subject Re: List of Banks often spoofed in Phishing scams
Date Wed, 04 Jun 2008 14:19:27 GMT


Randal, Phil wrote:
>
> We should be marking ALL such behaviour as phishing and hope that the
> banks (etc) finally get a clue.
>
> I certainly wouldn't trust my money with an outfit that was that
> clueless about security.
>
> Cheers,
>
> Phil
>
>   

Actually in some ways this leads to an interesting idea. In our wiki 
here perhaps we should write some guidelines for banks and everyone else 
running legitimate email servers as to what is the correct way to 
configure their servers. The first thig that come to mind is getting 
FCrDNS correct and making sure that the domain of the from address, the 
HELO, and FCrDNS all resolve to the banks domain.

In the case of gmail - I really wish the gmail servers resolved to 
gmail.com instead of google.com. Same with msn.com resolving to 
hotmail.com. Perhaps I should start working on this?



Mime
View raw message