On Sat, 25 Nov 2017 14:37:12 -0600 David Jones wrote:
> The default SA rules handle Paypal spoofing pretty well with > def_whitelist_from_spf in 60_whitelist_spf.cf. There are def_whitelist entries for amazon domains too. But these entries don't handle spoofing. > Adding "Paypal" and > various misspellings to a from:name rule handles spoofing very well. > I am only proposing that we extend this to other high-profile domains > like Amazon.com. It wouldn't be extending because (AFAIK) there isn't a stock rule like that for paypal. I think amazon needs a lot more caution than paypal. Paypal is a made-up word, its use by a third-party implies fraud. Amazon is a dictionary word that could be used legitimately by other organizations.
