> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
> Brad Knowles
> Sent: Thursday, June 30, 2005 12:48 PM
> To: Peter Corlett
> Cc: [EMAIL PROTECTED]
> Subject: Re: ISP phishing
>
>
>
> At 12:20 PM + 2005-06-29,
At 12:20 PM + 2005-06-29, Peter Corlett wrote:
Sure Alice has control. Last week, I told my ISP where to stick their
shoddy service and took my business elsewhere.
You're assuming that there are always alternatives available for
the entire world population. While there may usually be
On Tue, Jun 28, 2005 at 04:35:30PM -0500, Brad Knowles wrote:
> Fortunately for me, all the phishing attempts were pretty stupid,
> and failed because they relied too much on Windows-specific attacks,
> Windows-specific MUAs, etc
In my case they were merely amusing. If there *were* a
* [EMAIL PROTECTED] (Tony Finch) [Wed 29 Jun 2005, 15:28 CEST]:
On Wed, 29 Jun 2005, Peter Corlett wrote:
Tony Finch <[EMAIL PROTECTED]> wrote:
[...]
Actually, what you have to guarantee is that you never send email to
anyone who forwards their email elsewhere. This is impossible.
How do you
On Wed, 29 Jun 2005, Suresh Ramasubramanian wrote:
On 29/06/05, william(at)elan.net <[EMAIL PROTECTED]> wrote:
BTW - I happened to know person who has setup email forwarding for his
department in major university in st.louis on sparc2 12 years ago.
It is still working as far as I know! Last
On Wed, 29 Jun 2005, Suresh Ramasubramanian wrote:
>
> We dont do sender rewriting / envelope rewriting for forwarded email,
> just pass it on
> We'll prepend Resent: headers though .. that should be enough
That's not permitted by RFC 2822 and it'll cause interoperability problems
with software t
On 29/06/05, william(at)elan.net <[EMAIL PROTECTED]> wrote:
>
> BTW - I happened to know person who has setup email forwarding for his
> department in major university in st.louis on sparc2 12 years ago.
> It is still working as far as I know! Last mail software update on it
> I believe was made
On Wed, 29 Jun 2005, Peter Corlett wrote:
> > Actually, what you have to guarantee is that you never send email to
> > anyone who forwards their email elsewhere. This is impossible.
>
> How do you figure that?
>
> The failure mode in this case is if somebody arranges "dumb" mail
> forwarding that
On Wed, 29 Jun 2005, Suresh Ramasubramanian wrote:
On 29/06/05, william(at)elan.net <[EMAIL PROTECTED]> wrote:
Another issue is that are doing the forwarding are the ones that
are most often least maintained as far as upgrading software and
enabling new SMTP features. As a result an idea tha
On Wed, 29 Jun 2005, Peter Corlett wrote:
> Tony Finch <[EMAIL PROTECTED]> wrote:
> [...]
> > Actually, what you have to guarantee is that you never send email to
> > anyone who forwards their email elsewhere. This is impossible.
>
> How do you figure that?
>
> The failure mode in this case is if
On 29/06/05, william(at)elan.net <[EMAIL PROTECTED]> wrote:
> Another issue is that are doing the forwarding are the ones that
> are most often least maintained as far as upgrading software and
> enabling new SMTP features. As a result an idea that we will ask
> all forwarders to change and identi
Suresh Ramasubramanian <[EMAIL PROTECTED]> wrote:
[...]
> Actually Alice doesnt have control over her ISP who believes that kool
> aid about path authentication being a silver bullet and rejects
> wholesale based on spf failures (sometimes treating ~all or ?all as
> equivalent to -all)
Sure Alice
Tony Finch <[EMAIL PROTECTED]> wrote:
[...]
> Actually, what you have to guarantee is that you never send email to
> anyone who forwards their email elsewhere. This is impossible.
How do you figure that?
The failure mode in this case is if somebody arranges "dumb" mail
forwarding that doesn't do
On Wed, 29 Jun 2005, Mike Leber wrote:
See my other email in regards to this mobile user strawman argument.
Look in the archives for the same arguments against closing open relays.
Current mobile-user arguments against SPF do indeed remind of the anti
open-relay battles 5-8 years ago. Not o
On 29/06/05, Mike Leber <[EMAIL PROTECTED]> wrote:
>
> You don't have control over what forwarding, filtering, or whitelisting
> Alice does with her personal mailbox.
>
Actually Alice doesnt have control over her ISP who believes that kool
aid about path authentication being a silver bullet and
On Wed, 29 Jun 2005, Tony Finch wrote:
> On Wed, 29 Jun 2005, Brad Knowles wrote:
> > SPF is not a panacea.
> >
> > In fact, it is pretty much totally worthless, unless you are the sole
> > owner of a given domain and you can guarantee that all mail you ever send
> > will
> > always be r
On Wed, 29 Jun 2005, Brad Knowles wrote:
>
> SPF is not a panacea.
>
> In fact, it is pretty much totally worthless, unless you are the sole
> owner of a given domain and you can guarantee that all mail you ever send will
> always be routed through the machines that you own and control
At 4:30 AM +0200 2005-06-29, Paul Wouters wrote:
It would have been better if he had just installed SPF, and published DNS
records for his own domain, and rejected them based on that. Then other
people receiving forged emails with his domain would also be able to just
drop those emails.
At 10:30 PM 6/28/2005, Paul Wouters wrote:
I applaud his move, and wish more groups did the same.
It would have been better if he had just installed SPF, and published DNS
records for his own domain, and rejected them based on that. Then other
people receiving forged emails with his do
On Tue, 28 Jun 2005, Brad Knowles wrote:
At 5:17 PM -0400 2005-06-28, Mark Tombaugh wrote:
On Thu, 2005-06-23 at 09:54 -0400, Robert Boyle wrote:
we enabled a global rule which blocks
any email from accounts such as billing, root, postmaster, antivirus,
abuse, security, etc. which don't
At 05:17 PM 6/28/2005, Mark Tombaugh wrote:
On Thu, 2005-06-23 at 09:54 -0400, Robert Boyle wrote:
> we enabled a global rule which blocks
> any email from accounts such as billing, root, postmaster, antivirus,
> abuse, security, etc. which don't originate from our management IP space
> where ou
At 5:17 PM -0400 2005-06-28, Mark Tombaugh wrote:
On Thu, 2005-06-23 at 09:54 -0400, Robert Boyle wrote:
we enabled a global rule which blocks
any email from accounts such as billing, root, postmaster, antivirus,
abuse, security, etc. which don't originate from our management IP space
whe
On Thu, 2005-06-23 at 09:54 -0400, Robert Boyle wrote:
> we enabled a global rule which blocks
> any email from accounts such as billing, root, postmaster, antivirus,
> abuse, security, etc. which don't originate from our management IP space
> where our people work. As a result, we have stopped
At 10:41 AM 6/23/2005, you wrote:
We did as well, but we did not yet find a solution for legit bounces..
it naturally breaks that.
I've been thinking about what you said, but I can't imagine a scenario in
which this would affect bounce delivery to or from our admin-type
addresses. Incoming b
On Fri, 24 Jun 2005 01:20:27 +0200, Gadi Evron said:
> Thing is, user-trust or no user-trust, they click by the masses.
One wonders how many people would click on a phish from the First
National Bank of Dancing Hamsters, just because
pgpa4XUbqVkbA.pgp
Description: PGP signature
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, 24 Jun 2005, Gadi Evron wrote:
Joel Jaeggli wrote:
The bigger issue is that users simply don't trust any kind of "official
communication" anymore and I don't see anything other than pki that
could actually restore that.
PKI alone won'
Joel Jaeggli wrote:
> The bigger issue is that users simply don't trust any kind of "official
> communication" anymore and I don't see anything other than pki that
> could actually restore that.
PKI alone won't solve it, but we are not trying to "fix" phishing here
(good thought though!). I ag
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, 23 Jun 2005, Gadi Evron wrote:
Due to the huge number of variants in the wild, our AV software can't
keep up (probably nobody's can). Instead, we enabled a global rule which
blocks any email from accounts such as billing, root, postmaster,
Robert Boyle wrote:
>
> At 05:37 AM 6/23/2005, you wrote:
>
>> Hi guys. I notice a large increase in recent weeks of ISP directed
>> phishing - largely because of worms moving backward to using the user's
>> own domain for the spam, but not just in the from: address.
>>
>> I believe this started
At 05:37 AM 6/23/2005, you wrote:
Hi guys. I notice a large increase in recent weeks of ISP directed
phishing - largely because of worms moving backward to using the user's
own domain for the spam, but not just in the from: address.
I believe this started out as a "let's feel this out" or "wow,
Hi guys. I notice a large increase in recent weeks of ISP directed
phishing - largely because of worms moving backward to using the user's
own domain for the spam, but not just in the from: address.
I believe this started out as a "let's feel this out" or "wow, that
worked, let's phish ISP's dir
31 matches
Mail list logo