Thanks, Sam. I like your way of thinking. :) Sam Clippinger wrote: > I did some Googling today and found this: > http://www.phishtank.com/stats/2008/07/ > Apparently, in July of this year, phishtank.com verified more phishing > scams targeting PayPal than the rest of the top 10 targets combined. > That pretty impressive, although I must take it with a grain of salt > because I don't know anything about phishtank.com or how they collect > their stats. > > Anecdotally, I personally see a lot of PayPal scam emails and > SpamAssassin seems to catch all of them. However, most of my users are > not technically literate, nor are they sufficiently skeptical when it > comes to official-looking messages. Given the seriousness of falling > victim to a phishing scam, I would love to block those messages > entirely. If DKIM could stop them once and for all, it would be worth > the effort. > > Here's another way to think about it: spamdyke already does pretty much > everything _I_ need it to do. At this point, I continue working on it > because it's a hobby and I enjoy it. So even though I have a > prioritized TODO list, I'm willing to reshuffle it if even one person > expresses a need/desire for something. That's why I'm working on > recipient validation now -- it's not something I really need for myself > but everyone was asking for it so... > > If there's a feature you'd rather see in spamdyke before DKIM, now's the > time to speak up. :) > > -- Sam Clippinger > > Arthur Girardi wrote: >> Hi. >> >> >>> I disagree about waiting for a certain (or uncertain) percentage of servers >>> in a survey before implementing it though. This isn't a feature about >>> convenience or annoyance, it's a feature that will probably have a big >>> positive impact on some peoples lives. I think the fact that PayPal and eBay >>> have already implemented it (months ago) is a strong indicator of its >>> importance. I'd like to know which other major banking institutions have >>> implemented it, but I don't. I expect that Chase and BofA will be doing so >>> as soon as they can though (based on the phishing emails I've seen). >>> >>> Perhaps we can agree to disagree on this one. And like I said, I could be >>> wrong (again). ;) >>> >> Maybe I expressed myself incorrectly. Sure 15-20% is a wild guess of >> mine, who serves a not so critical slice of the market, and I try to >> keep things stable, avoiding adding too many tools that I don't >> consider essential. >> >> Surely big companies which work with any kind of eletronic commerce or >> online payment systems, like the ones you quoted, or any company that >> deals with money in a eletronic way, will always attemp to or >> implement these edge security enhancements, and well justified. But >> aside these cases, I hardly see a real purpose for the majority of >> small business people to enter this bloody jungle, other than for >> testing. >> >> In reality, I'm just ranting because I didn't see the major brazilian >> banks which also suffer from lots of of pishing, implementing these >> tools. Once they do (if the do), and depending on the speed they do, >> and also on the result of their work, that will surely have an impact >> on my business and consequentially on my decision of implementing it >> for myself. >> >> But one thing is for sure, either way, I (with the viewpoint of small >> business hosting provider) will refrain for now from implement >> anything like that unless someone puts up a nice tool with lots of >> log-spitting like what spamdyke does. :) >> >> Arthur >> >> >> _______________________________________________ >> spamdyke-users mailing list >> spamdyke-users@spamdyke.org >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >>
-- -Eric 'shubes' _______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
