-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In message <[EMAIL PROTECTED]>, Marc Perkel <[EMAIL PROTECTED]> writes
>>I obviously missed it... but what is the purpose of this discussion? >> >>If for example you were considering sending an abuse email, then Demon >>would prefer it to be sent [EMAIL PROTECTED] ! >> >Several reasons - possibly the one you mentioned. There are mechanisms for locating the appropriate abuse@ email address which already exist -- and they do NOT work this way They start from the connecting IP address and not from any domain or host name -- for reasons, in a world in which forgery is rife, which ought to be entirely obvious If you only have a domain name to hand (such as for an advertised website) then you resolve that (carefully!) and then proceed on the basis that you have an IP address >But I'm thinking about >comparing the main domain pary of the $sender_address_domain to the >received lines to see if there is a match. Then you are wasting your time and ours You might usefully read Joshua Goodman's CEAS 2004 paper "IP Addresses in Email Clients" <URL:http://research.microsoft.com/~joshuago/ipaddres sesinclients-final.pdf> to see the sort of difficulties that arise when you start looking at Received lines which you did not add in order to assess their veracity. >One problem I'm having is >something like this: > >The sender is [EMAIL PROTECTED] >But the sending server in the received lines is accounting.paypal.com > >So - I want to grab just the "paypal.com" part can see if I can find >that in the received lines. It's part of my anti-phishing code. The idea >being that email from paypal.com will come from paypay servers somewhere >in received. it's a fine idea, but I note that Paypal make no such promise: FAQ: "How can I tell the difference between a real PayPal email and a fake one?" <URL:http://www.paypal.com/cgi-bin/webscr?cmd=_help- ext&eloc=31&loc=5&unique_id=609971> - -- richard Richard Clayton They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. Benjamin Franklin -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBQy7105oAxkTY1oPiEQJZSACfYCBIC1bpriTfrasc4hLXX5sPWJAAoMJx T1Lqo8X7EGMDH9BrdIqTDxJ6 =yYoB -----END PGP SIGNATURE----- -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
