See my post of 25/20/2017 to this list. Sent from ProtonMail Mobile
On Wed, Jan 17, 2018 at 20:31, David Jones <djo...@ena.com> wrote: > Would a plugin need to be created (or an existing one enhanced) to be able to > detect this type of spoofed From header? From: "h...@hulumail.com !" > https://pastebin.com/vVhGjC8H Does anyone else think this would be a good > idea to make a rule that at least checks both the From:name and From:addr to > see if there is an email address in the From:name and if the domain is > different add some points? We are seeing more and more of this now that SPF, > DKIM, and DMARC are making it harder to spoof common/major brands that have > properly implemented some or all of them. -- David Jones @hotmail.com>
