On 20 Sep 2020, at 08:35, Daryl Rose <rosed...@gmail.com> wrote: > I can blacklist the email address, but I know that won't help. Is there a > rule that I can set up to catch more phishing attempts?
SPF and DMARC seem to be the only ways to deal with spams from large senders that are faked, but what is considered ‘faked’ may nt always match expectations. As an example, with many GUI mail clients the client shows the “nice” part of the from, and does not show the actual address. So some scammer can send an email from From: “supportad...@paypal.com” <spam...@spamsite.tld> And the recipient will only see a fake PayPal address. -- "...and Digby considered how much he liked salt..."
