Marc Perkel wrote: > I have an idea of something that should work that I'd like to try to > stop a lot of phishing email. > > Here's what I have in mind. Most phishing email pretends to be from well > know institutions, banks, paypal, etc. But even though the from address > is the institution, none of the received lines contain a host that > matches the institution name. > > For example - all paypal real email with come from paypal servers. > > So - my thinking is - create a list of institutions that are frequently > impersonated. If the sender address is one of those domains then the > received lines are searched for that domain. If there is no match then > we deny the message at the ACL level.
Sounds exactly what I did with the HELO time checks. -- Lab tests show that use of micro$oft causes cancer in lab animals -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
