ISP phishing

• Previous message (by thread): ISP phishing
• Next message (by thread): ISP phishing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* dot at dotat.at (Tony Finch) [Wed 29 Jun 2005, 15:28 CEST]:
>On Wed, 29 Jun 2005, Peter Corlett wrote:
>>Tony Finch <dot at dotat.at> wrote:
>>[...]
>>>Actually, what you have to guarantee is that you never send email to 
>>>anyone who forwards their email elsewhere. This is impossible.
>>How do you figure that?
>>
>>The failure mode in this case is if somebody arranges "dumb" mail 
>>forwarding that doesn't do envelope rewriting, and also applies a SPF 
>>filter on their incoming mail. The problem is quite clearly of the 
>>recipient's making rather than any fault of the sender's.
>Most forwarding services do nothing but change the envelope recipient 
>address, and this has been standard practice for many many years. Sites 
>that do SPF checking on incoming email must take this into account if 
>their users forward email from elsewhere. However most sites do not do so, 
>partly because the SPF documentation doesn't make it clear that they must, 
>and partly because it's basically impossible - for every user that 
>forwards email to your site you must whitelist the IP addresses of the 
>forwarding mail servers, and you can't find out what those IP addresses 
>are or when they change.

How do I configure my router for that?


	-- Niels.

-- 
                              The idle mind is the devil's playground

• Previous message (by thread): ISP phishing
• Next message (by thread): ISP phishing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]