On Wed, 24 Aug 2005, David Woodhouse wrote: > On Wed, 2005-08-24 at 09:01 -0700, Marilyn Davis wrote: > > A forwarded message does not have the [EMAIL PROTECTED] of the > > recipient on the To: header. > > What makes you think that? It isn't necessarily true in the general > case. I _often_ receive mail which is To: my primary address and Cc: to > an address which gets forwarded there somehow.
But, we're not talking about the general case. We're talking about Phish. Or mail from a legitimate banking institute. Phish tries hard to look legitimate and puts one address on the To: header. Or at least the phish I get looks like that. If you have your bank sending you mail to 2 addresses that get forwarded together, and makes you susceptible to phish, then you might want to fix that. Again, it's not my responsibility. How about: If there is a To: header that matches the recipient address and the message fails SPF, then it's phish, or somebody else's mistake and ought to be rejected so it can be fixed. Anyone like that? Marilyn -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
