spf-discuss

RE: Re[2]: phishing & MS MUAs

2004-06-07 05:56:00
One other consideration for Outlook users is the preview pane where
addresses are displayed differently.  In my Outlook 2000 IMO installation,
if I open a message from the list, I see:

From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com On Behalf Of Chris Drake
[localpart(_at_)pobox(_dot_)com]

But if I read the mail in the preview pane (I often do and I suspect I'm not
the only one), I see Chris Drake (sender name) in the summary list and I see
From owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com (from address) at the top of the
preview pane.

Not horrible, but the preview pane can be run with e-mail headers hidden
(and why not since the information appears to be largely redundant).

Bottom line is that while an observant, well-trained user would see the
distinctions and avoid being phished, others would not.  I would expect that
the observant, well-trained user is already unlikely to be a victim in a
phishing scam.  While Outlook can make more information available than
Outlook Express, there's no guarantee.

Scott Kitterman



-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of Chris Drake
Sent: Monday, June 07, 2004 8:16 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re[2]: [spf-discuss] phishing & MS MUAs


-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of Meng Weng Wong
Sent: June 7, 2004 2:25 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] phishing & MS MUAs

Don't MS MUAs say

  From <sender-address> on behalf of <from-address>

VM> The normal Outlook (XP in my case) says that, yes, assuming the MTA puts
VM> <sender-address> in a Sender: header...

VM> This may or may not be the case for Outlook Express, though.

Outlook Express 6 completely ignores the "Sender:" header, and always
displays ONLY the part inside the "quoted" section of the "From:"
header (or if no quoted part, then the sender email address instead).

I just did a test of all permutations of headers with varying Sender:
headers, and every resultant email looks identical.

$ /usr/sbin/sendmail -i -N never -f christopher(_at_)pobox(_dot_)com christopher(_at_)pobox(_dot_)com <spfd

$ cat spfd
Subject: spfd
Sender: "test7(_at_)test7(_dot_)com" <test6(_at_)test6(_dot_)com>
From: "test(_at_)test(_dot_)com" <test2(_at_)test2(_dot_)com>
To: "test3(_at_)test3(_dot_)com" <test4(_at_)test4(_dot_)com>
MIME-Version: 1.0
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: 7bit

<html>hi there</html>
$

Every resulting email displays only:-
  From: test(_at_)test(_dot_)com


-----------------

Outlook XP is showing the sender's email address (sorry if I confused
people earlier - I *think* I recall older versions *used* to show only
the "quoted" part)

The "Sender:" (if present) becomes the "From" person, and the "From"
becomes the "on behalf of" part.  If the Sender: <email address> part
matches the From: <email address> part, no "On behalf of" stuff shows
up (even if the "quoted" part differs).

eg: These headers:-
Sender: "test7(_at_)test7(_dot_)com" <test8(_at_)test8(_dot_)com>
From: "test(_at_)test(_dot_)com" <test2(_at_)test2(_dot_)com>

Turn into this in Outlook XP:-

From: test7(_at_)test7(_dot_)com [mailto:test8(_at_)test8(_dot_)com] On Behalf Of test(_at_)test(_dot_)com

(it does show test2(_at_)test2(_dot_)com in some other places as well)

If other people use Outlook and don't see sender email addresses (like
Outlook Express) it might be a good idea to let us know, since I might
have messed with some settings that make my install non-default now.



-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate
your subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
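
The display behaviour reported in this thread for Outlook Express 6 and Outlook XP, modelled as an added Python example that is not part of the original messages. It also flags headers whose display name is itself an address different from the real one, which is the case a filter or gateway can catch when the MUA hides it. The function names are hypothetical, the sample message is constructed from the test headers above with addresses written in plain form, and the Outlook XP output for matching Sender:/From: addresses is an assumption (the thread only says no "On Behalf Of" appears).

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample, modelled on the test headers quoted in the thread.
SAMPLE = '''Subject: spfd
Sender: "test7@test7.com" <test8@test8.com>
From: "test@test.com" <test2@test2.com>
To: "test3@test3.com" <test4@test4.com>

hi there
'''

def outlook_express_6(msg):
    """OE6 as reported: Sender: is ignored; only the From: display name
    is shown, or the From: address when there is no display name."""
    name, addr = parseaddr(msg.get("From", ""))
    return "From: " + (name or addr)

def outlook_xp(msg):
    """Outlook XP as reported: Sender: becomes the "From" person and From:
    becomes "On Behalf Of", unless the two addresses match."""
    f_name, f_addr = parseaddr(msg.get("From", ""))
    s_name, s_addr = parseaddr(msg.get("Sender", ""))
    if not s_addr or s_addr.lower() == f_addr.lower():
        # Assumed format: the thread does not show this case verbatim.
        return "From: %s [mailto:%s]" % (f_name or f_addr, f_addr)
    return "From: %s [mailto:%s] On Behalf Of %s" % (
        s_name or s_addr, s_addr, f_name or f_addr)

def misleading_headers(msg):
    """Names of headers whose display name is an e-mail address that
    differs from the real address in angle brackets."""
    flagged = []
    for header in ("From", "Sender"):
        name, addr = parseaddr(msg.get(header, ""))
        if "@" in name and name.strip().lower() != addr.lower():
            flagged.append(header)
    return flagged

def report(raw):
    """Return (OE6 line, Outlook XP line, flagged header names)."""
    msg = message_from_string(raw)
    return outlook_express_6(msg), outlook_xp(msg), misleading_headers(msg)

if __name__ == "__main__":
    for item in report(SAMPLE):
        print(item)
```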


