John Levine <johnl(_at_)iecc(_dot_)com> writes:
He uses another domain in his return address, like Steve said. You
may carefully look at the return address in your mail, but most people
don't, and even if they do, bank marketing departments are unable to
resist the urge to invent a new domain for every new ad campaign so it
doesn't tell you much if you don't recoginize the domain. (Quick, who
is applyonlinenow.com?)
And in doing that they are their own worst enemies. Everyone must
agree that phishing is a problem at the moment. The banks are, IMHO,
being very irresponsible by a) Not ensuring that all email they send
comes from a single identifiable and publicised domain (or a
sub-domain thereof) and b) Using third party mail services to send
mail shots on their behalf.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html