spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: SPF-compliant phishing?

2004-09-15 06:37:50
from [David Woodhouse] [Permanent Link] 
On Wed, 2004-09-15 at 07:09 -0500, Daniel Taylor wrote:

SPF does not validate users. In most of the examples below it is
obvious that the mail is a valid example.com e-mail,


No. That's clear only in #2. Thank you for making my point, although
since you were top-posting others may not bother to read your reply.

Look at case #1, case #3 and case #4 more closely. Did those really come
from _anyone_ with an email address at example.com/hosteddomain.com?

It's #1 that I find particularly interesting. 

-- 
dwmw2

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in Atlanta features 
SPF and Sender ID.
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

Attachment: signature.asc
Description: This is a digitally signed message part

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  SPF-compliant phishing?, Roger Moser
Next by Date:  Re: Wildcard DNS entry, David Brodbeck
Previous by Thread:  SPF-compliant phishing?, Roger Moser
Next by Thread:  Re: SPF-compliant phishing?, Jonathan Gardner
Indexes:  [Date] [Thread] [Top] [All Lists]