spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mouss <mo...@netoyen.net>
Subject Re: List of Banks often spoofed in Phishing scams
Date Wed, 04 Jun 2008 15:04:38 GMT
Marc Perkel wrote:
>>  
>
> Actually in some ways this leads to an interesting idea. In our wiki 
> here perhaps we should write some guidelines for banks and everyone 
> else running legitimate email servers as to what is the correct way to 
> configure their servers. The first thig that come to mind is getting 
> FCrDNS correct and making sure that the domain of the from address, 
> the HELO, and FCrDNS all resolve to the banks domain.

I am not sure the SA wiki is the right place to get banks to "listen".
>
> In the case of gmail - I really wish the gmail servers resolved to 
> gmail.com instead of google.com. Same with msn.com resolving to 
> hotmail.com. Perhaps I should start working on this?

Why? This is an artifical requirement. There is no problem if your goal 
is to do
- if it's from a "good" domain, accept it
- if it's not and if the sender is from a "spoofed" domain, do something.

The thing is to look for the client in a list, not to link each client 
to each sender.

The problem is if your list of good domains is incomplete. but this is 
not a reason to force an artificial requirement. After all, the checks 
above do not solve the phishing problem. mail from gmai1.com, 
gmail1.com, gmail-security.com, ... will not be detected unless you do a 
lot of work, which has nothing to do with gmail rDNS.


Mime
View raw message