Re: phishing & MS MUAs

On Mon, 7 Jun 2004, Meng Weng Wong wrote:

On Mon, Jun 07, 2004 at 02:26:56PM +1000, Chris Drake wrote:
| MS MUA's hide the sender email address by default, so anyone is free
| to do this:-
| 
| MAIL FROM: spammer(_at_)spf+cid-compliant-evilhost(_dot_)com
| DATA
| From: "updates(_at_)microsoft(_dot_)com" 
<spammer(_at_)spf+cid-compliant-evilhost(_dot_)com>
| 
| etc...
| 
| so CID, as it currently stands, is (IMHO) pointless - or am I missing
| something?

Don't MS MUAs say

  From <sender-address> on behalf of <from-address>


I thought that was only if
a) Sender is present
b) From is present
c) Sender != From

S.

-- 
Shevek                                    http://www.anarres.org/
I am the Borg.                         http://www.gothnicity.org/

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Dear Microsoft,, (continued) Re: Dear Microsoft,, wayne Re: Dear Microsoft,, James Couzens RE: Dear Microsoft,, Michael R. Brumm Re[2]: Dear Microsoft,, Chris Drake Re: Dear Microsoft,, wayne phishing & MS MUAs, Chris Drake Re: phishing & MS MUAs, Meng Weng Wong RE: phishing & MS MUAs, Vivien M. Re[2]: phishing & MS MUAs, Chris Drake RE: Re[2]: phishing & MS MUAs, Scott Kitterman Re: phishing & MS MUAs, Shevek <= Re: Dear Microsoft,, James Couzens Re: Dear Microsoft,, Angus Re: Dear Microsoft,, James Couzens Off-topic: pgp, spf Re: Off-topic: pgp, Jon Kyme Re: Dear Microsoft,, Greg Wooledge Re: Dear Microsoft,, list+spf-discuss Re: Dear Microsoft,, Greg Connor Re: Dear Microsoft,, James Couzens Re: Dear Microsoft,, Greg Connor

Previous by Date:	Re: Dear Microsoft,, Gerhard W. Recher
Next by Date:	Re: Dear Microsoft,, James Couzens
Previous by Thread:	RE: Re[2]: phishing & MS MUAs, Scott Kitterman
Next by Thread:	Re: Dear Microsoft,, James Couzens
Indexes:	[Date] [Thread] [Top] [All Lists]