Michael Scheidell <[EMAIL PROTECTED]> writes: > Also, and if you require all mail servers to only take mail from > xxx.bank.com, what good is that? doesn't that break how everyone > receives email?
No. It just rings very loud alarm bells when an email claiming to be from the bank comes from a server other than *.bank.com. It does, of course, require the user to check but this can be done either automatically by something like Spamassassin or using the Mk1 human eyeball to examine the message headers. It would not be necessary for the user to examine the headers of every message, just those claiming to come from 'high risk' (to the recipient) senders.