On 18/11/2011 00:18, Christian Grunfeld wrote:
>> What it doesn't do is solve "froggery" (myriads of look-alike domains, which
>> your proposal does not solve) nor does it solve the fact that most of the
>> time the user doesn't even notice what's in the From: line (nor does your
>> proposal). Remember that many mail readers (outlook included) DO NOT SHOW
>> YOU THE EMAIL ADDRESS in the From: line by default.
> My proposal does not need the user to see the address... it checks
> silently on behalf of the user.
Unfortunately, all it will check is that the from address is OK-ish
according to the sender's domain.
It doesn't check that that message that says 'your paypal account has
been compromised, please enter your login details on
http://badpeople.com/giveusyourmoney.php' is actually from Paypal. The
'From' address, and the return path could be 'evilman@badpeople.com',
and some people would still click on that link and enter their login
details.
The biggest reason phishing works is that some (many?) people become
very stupid as soon as you put a computer in front of them. Good luck
with finding a solution for that... :) Ask them in the street for their
password, and they'll tell you where to go, but send them an email with
a 'keyword' in (eg 'Paypal', or their bank's name), and they'll tell you
everything you want to know.
Actually, as an anti-forgery technique, which may help spam filters when
determining reputation, I think your idea would help (I know others
would disagree), but as a specifically anti-phishing technique, I think
human stupidity will beat it.
_______________________________________________
Asrg mailing list
Asrg@irtf.org
http://www.irtf.org/mailman/listinfo/asrg