Spoofing? You can't spoof the chain of Received header fields.
-- Shmuel (Seymour J.) Metz http://mason.gmu.edu/~smetz3 ________________________________________ From: IBM Mainframe Discussion List <[email protected]> on behalf of Charles Mills <[email protected]> Sent: Thursday, July 12, 2018 1:50 PM To: [email protected] Subject: Re: Seeking a tool to do a network security scan of z/OS > I suppose it's to much to expect for users to look at the trace fields to determine the provenances of messages. Nine out of ten recipients have no idea how to do so, and would not know what they were looking at if they did. And given spoofing, look-alikes and punycode, I'm not sure it's a great approach for anyone. Charles -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Seymour J Metz Sent: Thursday, July 12, 2018 9:35 AM To: [email protected] Subject: Re: Seeking a tool to do a network security scan of z/OS Does your SMTP server not do authentication? That would certain get the auditors' attention. Do your users respond to phish attempts? Another security problem, and one that has nothing to do with the mainframe. I suppose it's to much to expect for users to look at the trace fields to determine the provenances of messages. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
