Yes, I think it's a security risk and numerous phishing scams use this.
On 1/17/2018 2:31 PM, David Jones wrote:
Would a plugin need to be created (or an existing one enhanced) to be
able to detect this type of spoofed From header?
From: "h...@hulumail.com !" <lany...@hotmail.com>
https://pastebin.com/vVhGjC8H
Does anyone else think this would be a good idea to make a rule that
at least checks both the From:name and From:addr to see if there is an
email address in the From:name and if the domain is different add some
points?
We are seeing more and more of this now that SPF, DKIM, and DMARC are
making it harder to spoof common/major brands that have properly
implemented some or all of them.
