They don't have an SPF record so people using only SPF are
still accepting the offending mail, presumably.
I'd agree, but when this company hears about SPF, what do you think
there chances are of adopting it are? How crippled would your company be
if you had to turn off your phone system?
I thought I'd post that here more so as a case study or example. This is
the first attack like this I have actually seen.
OTOH some people are _already_ rejecting this mail without
needing to wait for anything new. For example, this is what
happens if you try to send it to me...
220-pentafluge.infradead.org ESMTP Exim 4.30 Fri, 19 Mar 2004
16:47:01 +0000 220 Be gentle with me helo me 250
pentafluge.infradead.org Hello me [2002:c35c:f9fc::1] mail
from:<martyn(_dot_)cattermole(_at_)assetz(_dot_)com>
250 OK
rcpt to:<dwmw2(_at_)infradead(_dot_)org>
550-Verification failed for <martyn(_dot_)cattermole(_at_)assetz(_dot_)com>
550-Called: 212.53.64.41
550-Sent: RCPT TO:<martyn(_dot_)cattermole(_at_)assetz(_dot_)com>
550-Response: 550 unknown user
550 Sender verify failed
How does that work?
************************************************
Email checked by UKsubnet anti-virus service
To prevent email abuse & block spam
contact enquiries(_at_)uksubnet(_dot_)co(_dot_)uk
Tel: +44(0)8712360301 Web: www.uksubnet.net
Fax: +44(0)8712360300
Powered by UKsubnet Internet Service Provider
Business to Business Internet (ISP)
************************************************