spf-discuss

Re: No use of checking RFC2822 headers

2004-09-28 04:13:54
I agree. What's the point of SenderID, DomainKeys and others that check the
822 FROM when the phishers can EASILY do this.

On AOL clients (8.0, 9.0, etc) we DO NOT display the display name. We only
show the real email address. I hope this never changes.

-Carl

On 9/28/04 3:00 AM, "Roger Moser" <Roger(_dot_)Moser(_at_)rama(_dot_)pamho(_dot_)net> wrote:

I wrote:

To see how useless this is, copy the following message into the file test.eml
and open it with Microsoft's Outlook Express:

------snip-------
From: "support(_at_)bankofamerica(_dot_)com" <phish(_at_)phisher(_dot_)com>
To: you(_at_)example(_dot_)com
Subject: Account verification
MIME-Version: 1.0
Content-Type: text/html

<html><body>
Click here:
<a href="http://www.phisher.com">https://www.bankofamerica.com</a>
</body></html>
------snip-------

For those who don't have Outlook, this is what Outlook Express displays:

From:    support(_at_)bankofamerica(_dot_)com
Date:    Tuesday, September 28, 2004 9:53 AM
To:      you(_at_)example(_dot_)com
Subject: Account verification

Click here: https://www.bankofamerica.com


-- 
Carl Hutzler
Director, AntiSpam Operations
America Online Mail Operations
cdhutzler(_at_)aol(_dot_)com
703.265.5521 work
703.915.6862 cell
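
The two display mismatches shown by the test message in this thread (a From display name carrying a different address than the real one, and link text showing a different host than the href), checked in Python. This is an added example, not part of the original posts; the names `audit` and `LinkAudit` and the finding labels are hypothetical, and the sample is constructed from the quoted test.eml with the addresses written out.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse
import re
# Constructed sample, modelled on the test.eml quoted in the thread (not real mail).
SAMPLE = '''From: "support@bankofamerica.com" <phish@phisher.com>
To: you@example.com
Subject: Account verification
Content-Type: text/html

<html><body>
Click here:
<a href="http://www.phisher.com">https://www.bankofamerica.com</a>
</body></html>
'''

class LinkAudit(HTMLParser):
    """Collects (href, visible text) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def audit(raw):
    """Return findings for display-name and link-text mismatches (labels are hypothetical)."""
    msg, findings = message_from_string(raw), []
    name, addr = parseaddr(msg.get("From", ""))
    real_domain = addr.rpartition("@")[2].lower()
    m = re.search(r"@([\w.-]+)", name)  # display name that itself looks like an address
    if m and m.group(1).lower() != real_domain:
        findings.append(("from-display-mismatch", m.group(1).lower(), real_domain))
    parser = LinkAudit()
    parser.feed(msg.get_payload())
    for href, text in parser.links:
        shown = urlparse(text).hostname if "://" in text else None
        target = urlparse(href).hostname
        if shown and target and shown != target:  # visible URL differs from real target
            findings.append(("link-text-mismatch", shown, target))
    return findings
```

`audit(SAMPLE)` reports both mismatches; a message whose display name and link text agree with the real address and href yields an empty list.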