ietf-mxcomp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: How would SPF or Sender Id caught this one?

2004-07-30 16:50:26
from [Bill McInnis] [Permanent Link] 
Thanks for the reply,
 
I read that and that was my understanding as well.  So does this make it
a solution that works fine for mailing lists, but not for financial
institutions, online retailers, and pretty much anyone transacting
dollars online?  
 
The example was not made up.  We are seeing that scenario more and more
where I am sitting.    
 
 
Bill McInnis
MessageLevel.com
 
 -----Original Message-----
From: Daryl Odnert [mailto:daryl(_dot_)odnert(_at_)tumbleweed(_dot_)com] 
Sent: Friday, July 30, 2004 7:44 PM
To: Bill Mcinnis; IETF MARID WG
Subject: RE: How would SPF or Sender Id caught this one?




How would SPF or Sender ID have managed to catch that attack? 


I think the answer is: they cannot.  If the phisher successfully 
spoofed the an SMTP over TCP session, there is nothing that SPF 
or Sender ID can do about that. 

You might want to look at section 6.2 of draft-ietf-marid-core-02.txt. 

Regards, 
Daryl Odnert 
Tumbleweed Communications 
Redwood City, California
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: How is SPF different from RMX?, Dean Anderson
Next by Date:  RE: How would SPF or Sender Id caught this one?, Daryl Odnert
Previous by Thread:  RE: How would SPF or Sender Id caught this one?, Daryl Odnert
Next by Thread:  Re: How would SPF or Sender Id caught this one?, Harold A'Hole
Indexes:  [Date] [Thread] [Top] [All Lists]