What do you mean by 'appropriate' ?
The address does not seem to be connected at the moment. It has no reverse
DNS, I can't find an SPF record.
I think it is important to accept that the Sender-Id design is intended to
be low barrier to deployment for email senders, it is not meant to be
highest possible security. Even if it only eliminates bulk spam it helps to
drain the pond.
The phishing gangs have significant technical capabilities but there is
still a value to raising the bar for new entrants. I would rather be chasing
ten gangs than a thousand.
We may well have to use more sophisticated authentication technology to
defeat the phishing gangs. But that will take some time. We cannot afford to
do what we keep doing in the security area and allow scope creep to cause us
to never deploy the good while we attempt the perfect.
-----Original Message-----
Last weekend a phishing attack took place against US Bank.
The phisher
spoofed and connected with the appropriate IP for US Bank,
170.135.72.63. How would SPF or Sender ID have managed to catch that
attack?
Thanks,
Bill McInnis
MessageLevel.com