Hi,
sorry, to flood you with questions, but another one of
my yesterday's questions. It hasn't been answered yesterday.
Imagine this:
MAIL FROM: <clerk(_at_)yourbank(_dot_)com>
SUBMITTER=criminal(_at_)superphishing(_dot_)any
Of course, superphishing.any would cover the sending MTA's IP address,
so the message would be accepted by the receiving MTA.
But how could the human reading the message tell that it came from
superphishing.any and not from the bank? Today's MUAs are not ready
for this extensions and I do not see how the SUBMITTER value would
find it's way to the human reader.
So forging and cheating is still possible, isn't it?
regards
Hadmut