Re: Rules Needed to verify bank fraud

2012-08-24 Thread Alexandre Boyer
Yep, you are damn right. I work in a company where I maintain a list for Canadian banks and more. It's a pain, but it's effective. Should a few responsible of us contribute, it would greatly help. Alex, from osmose. Bow before me, for I am root. On 12-08-24 02:03 PM, Matt Garretson wrote: > In

Re: Rules Needed to verify bank fraud

2012-08-24 Thread Matt Garretson
In my experience, banks and financial institutions tend to be among the worst offenders against sane bulk mailing practices. SPF or DKIM will be broken or inconsistently applied, and sender/relay domains seem to vary with the weather. I think it will be tough to nail down all the valid domains a

Re: Rules Needed to verify bank fraud

2012-08-23 Thread Alexandre Boyer
That's my opinion too. Therefore the community will have to contribute to the list of which domain to add or not. Alex, from osmose. Bow before me, for I am root. On 12-08-23 07:20 PM, Jason Haar wrote: > Great idea - but don't under-estimate the amount of work. Someone > thought there'd be "onl

Re: Rules Needed to verify bank fraud

2012-08-23 Thread Jason Haar
Great idea - but don't under-estimate the amount of work. Someone thought there'd be "only" 20-30 domains to be covered - but I'd say that's actually 20-30 domains PER COUNTRY. Here in New Zealand we get a lot of phishing attacks using New Zealand banks - just like you get spam referring to your o

Re: Rules Needed to verify bank fraud

2012-08-23 Thread Ned Slider
On 23/08/12 18:18, Marc Perkel wrote: Let's take wellsfargo.com (Wells Fargo Bank) as an example. If the FCrDNS of the connecting server is *.wellsfargo.com it is ham. If wellsfargo.com is in the received lines and not forged it is ham. If wellsfargo.com is in the received headers and it is forg

Re: Rules Needed to verify bank fraud

2012-08-23 Thread Marc Perkel
Let's take wellsfargo.com (Wells Fargo Bank) as an example. If the FCrDNS of the connecting server is *.wellsfargo.com it is ham. If wellsfargo.com is in the received lines and not forged it is ham. If wellsfargo.com is in the received headers and it is forged it is spam. If wellsfargo.com is in

Re: Rules Needed to verify bank fraud

2012-08-23 Thread Mark Martinec
> I guess what we are looking for is a plugin that can take a list of > commonly abused domains known to have valid SPF records or valid DKIM > signatures, and to be able to apply a (stronger) score to those messages > that fail the SPF and/or DKIM test. Several common domains that do provide a

Re: Rules Needed to verify bank fraud

2012-08-23 Thread Kevin A. McGrail
I think the idea has merit. Can you open a bug in bugzilla, please? My goals are to get some more polish on masscheck and put out a 3.4.0 rc1 and deal with the 3.4.X infrastructure changes. After that I'll offer to work with you on this if no one steps up by then. regards, KAM

Re: Rules Needed to verify bank fraud

2012-08-23 Thread Ned Slider
On 23/08/12 12:08, RW wrote: On Thu, 23 Aug 2012 01:33:56 +0100 Ned Slider wrote: # Fedex header __LOCAL_FROM_FEDEX Return-Path:addr =~ /\@fedex\.com$/i meta LOCAL_SPF_FEDEX ((SPF_SOFTFAIL || SPF_FAIL) && __LOCAL_FROM_FEDEX) describe LOCAL_SPF_FEDEX Fedex SPF Fail and i

Re: Rules Needed to verify bank fraud

2012-08-23 Thread Ned Slider
On 23/08/12 04:31, Kevin A. McGrail wrote: On 8/22/2012 8:33 PM, Ned Slider wrote: So if I hit all mail claiming to be sent from fedex.com that fails SPF I can easily weed out all the fakes: # Fedex header __LOCAL_FROM_FEDEX Return-Path:addr =~ /\@fedex\.com$/i meta LOCAL_SPF_FEDEX ((SPF_SOFTFA

Re: Rules Needed to verify bank fraud

2012-08-23 Thread Kevin A. McGrail
Well I can help with a plugin to automate things but I can only automate something once it is done a few times. Have you written the rules you think will help for say two of the domains? Have you collected example ham and spam? You have a good idea but without specifics, I don't know the patter

Re: Rules Needed to verify bank fraud

2012-08-23 Thread RW
On Thu, 23 Aug 2012 01:33:56 +0100 Ned Slider wrote: > # Fedex > header __LOCAL_FROM_FEDEX Return-Path:addr > =~ /\@fedex\.com$/i meta > LOCAL_SPF_FEDEX ((SPF_SOFTFAIL || SPF_FAIL) && > __LOCAL_FROM_FEDEX) describe LOCAL_SPF_FEDEX > Fedex SPF Fail > > and if I w

Re: Rules Needed to verify bank fraud

2012-08-22 Thread Marc Perkel
On 8/22/2012 8:31 PM, Kevin A. McGrail wrote: On 8/22/2012 8:33 PM, Ned Slider wrote: So if I hit all mail claiming to be sent from fedex.com that fails SPF I can easily weed out all the fakes: # Fedex header __LOCAL_FROM_FEDEX Return-Path:addr =~ /\@fedex\.com$/i meta LOCAL_

Re: Rules Needed to verify bank fraud

2012-08-22 Thread Kevin A. McGrail
On 8/22/2012 8:33 PM, Ned Slider wrote: So if I hit all mail claiming to be sent from fedex.com that fails SPF I can easily weed out all the fakes: # Fedex header __LOCAL_FROM_FEDEX Return-Path:addr =~ /\@fedex\.com$/i meta LOCAL_SPF_FEDEX ((SPF_SOFTFAIL || SPF_FAIL) &&

Re: Rules Needed to verify bank fraud

2012-08-22 Thread John Hardin
On Thu, 23 Aug 2012, Ned Slider wrote: So if I hit all mail claiming to be sent from fedex.com that fails SPF I can easily weed out all the fakes: # Fedex header __LOCAL_FROM_FEDEX Return-Path:addr =~ /\@fedex\.com$/i meta LOCAL_SPF_FEDEX ((SPF_SOFTFAIL || SPF_

Re: Rules Needed to verify bank fraud

2012-08-22 Thread Ned Slider
On 23/08/12 00:07, RW wrote: On Wed, 22 Aug 2012 17:40:23 +0100 Ned Slider wrote: On 22/08/12 16:22, Marc Perkel wrote: I'd like to make a suggestion as to how to block a lot of fraud. This would involve making a list of domains similar to the successful freemail list plugin. The idea is to bl

Re: Rules Needed to verify bank fraud

2012-08-22 Thread Greg Troxel
RW writes: > My bank outsources its email to an email marketing company. I think > this sort of thing is quite common. The received header has nothing to > do with the bank. It passes spf, but the domain is not one it > uses for anything else. I think the point is that if we know that bank

Re: Rules Needed to verify bank fraud

2012-08-22 Thread RW
On Wed, 22 Aug 2012 17:40:23 +0100 Ned Slider wrote: > On 22/08/12 16:22, Marc Perkel wrote: > > I'd like to make a suggestion as to how to block a lot of fraud. > > This would involve making a list of domains similar to the > > successful freemail list plugin. The idea is to block email that > >

Re: Rules Needed to verify bank fraud

2012-08-22 Thread Ned Slider
On 22/08/12 16:22, Marc Perkel wrote: I'd like to make a suggestion as to how to block a lot of fraud. This would involve making a list of domains similar to the successful freemail list plugin. The idea is to block email that spoofs major institutions such as banks, credit cards, ebay, and other

Rules Needed to verify bank fraud

2012-08-22 Thread Marc Perkel
I'd like to make a suggestion as to how to block a lot of fraud. This would involve making a list of domains similar to the successful freemail list plugin. The idea is to block email that spoofs major institutions such as banks, credit cards, ebay, and other organizations that want to try to g