I'd like to make a suggestion as to how to block a lot of fraud. This
would involve making a list of domains similar to the successful
freemail list plugin. The idea is to block email that spoofs major
institutions such as banks, credit cards, ebay, and other organizations
that want to try to get your password.
So - we start by compiling a list of banks that are often spoofed and
look at the received lines. The idea being that good email from these
institutions will come from host names that either match their domains,
or match the SPF. If it matches it's good - if it doesn't - it's bad.
Of course you also have to look for forged received lines - but that can
be done and in fact can be a rules to detect forgery. For example - if
there's a received line that says wellsfargo.com that is followed by an
IP with no RDNS, that would probably be spam.
We could also trigger rules on any email that is encouraging you to go
somewhere and give up your password. Spammers often try to get access to
your email account so they can spam in your name. Again - legit password
reset emails sould be easily detectable with very good accuracy.
I think these rules would not only be very effective but would really
hit spammers hard. It would make fraud less successful and less
profitable in the case of bank fraud spam. In the case of trying to get
your email password it will also reduce spam in that if people don't get
suckered then the spammers get less email passwords to spoof users, this
will cut them off at the source. So this would be an important step
forward in the fight against spam. I'm hoping that you all get inspired
by this and take on the challenge.
Anyhow - I'm hoping to start a discussion on this in the hope of someone
creating a plugin that will be part of SA.
Here's my initial list of domains to protect:
2checkout.com
2co.com
aa.com
abbey.co.uk
abbey.com
adobe.com
adp.com
aib.ie
amazon.com
americanexpress.com
anz.com
anz.com.au
aplfcu.org
authorize.net
bancorpsouth.com
banknorth.com
bankofamerica.com
bankofoklahoma.com
bankofthewest.com
bankwest.com
bankwest.com.au
banorte.com
barclays.co.uk
bmm.com.au
bmo.com
bofa.com
boh.com
cahoot.co.uk
cahoot.com
capitalone.com
careerbuilder.com
careercantre.com
centralbank.net
charterone.com
charteronebank.com
chase.com
chasebank.com
cibc.ca
citibank.com
citizensbank.com
clearmountainbank.com
commbank.com.au
compassbank.com
csfcu.coop
cu.org
cua.com.au
cuna.org
dhl.com
downeysavings.com
e-gold.com
ebay.co.uk
ebay.com
egg.com
egold.com
eppicard.com
etrade.com
fbi.gov
federalreserve.gov
firstbanks.com
firstdata.com
fleetbank.com
fmb.com
fnb.co.za
halifax-online.co.uk
halifax.co.uk
hsbc.co.uk
hsbc.com
huntington.com
id.apple.com
intl.paypal.com
int.paypal.net
ipaypal.com
irs.gov
iub.com
lasallebank.com
lcnb.com
lloyds.co.uk
lloydstsb.co.uk
mashreqbank.com
mastercard.com
matasano.com
maxfcu.com
mazuma.org
mbna.com
moneygram.com
nab.com.au
nacha.net
nacha.org
nafcu.org
natwest.co.uk
natwest.com
navyfcu.org
ncacu.org
ncua.gov
nwolb.com
orangesavingsbank.com
paypal.com
pvfcu.org
raiffeisen.ro
rbc.com
rbcroyalbank.ca
rbcroyalbank.com
rbs.co.uk
regionsbank.com
royalbank.ca
royalbank.com
royalbankofcanada.com
santander.co.uk
schwab.com
secu.com
security.com
snsbank.nl
southtrust.com
sprint.com
standardbank.co.za
stgeorge.com.au
suncoastfcu.org
suntrust.com
suntrustbank.com
tcfbank.com
td.ca
treas.gov
uboc.com
uc.com
unionplanters.com
usbank.com
visa.com
visa.com.br
vonage.com
wachovia.com
wamu.com
wellsfargo.co.uk
wellsfargo.com
westernunion.com
worldbank.org
8u8.com
adultfriendfinder.com
allstate.com
americangreetings.com
aol.nl
apn.net.au
ato.com.au
blizzard.com
bloomberg.com
citysex.com
craigslist.com
craigslist.org
dhl.com
ebayinc.com
everydayrewards.com.au
fabulous.com
facebook.com
facebookmail.com
fedex.com
flickr.com
friendfinder.com
greetings.com
hallmark.com
hallmark.org
hinet.net
idf.gov.il
linkedin.com
mailout.com
microsoft.com
microsoft.windowslive.com
monster.com
no-ip.org
noreply.com
passport.com
pay.com
pge.com
pse.com
skype.com
swip.net
target.com
teamccm.com
test.com
twitter.com
un.org
ups.com
ups.us
usga.org
vetproductsdirect.com
walgreens.com
wikipedia.org
windowslive.com
yahoo.com.cn
yahoo.com.hk
yahoo.com.in
yahoo.com.uk
--
Marc Perkel - Sales/Support
supp...@junkemailfilter.com
http://www.junkemailfilter.com
Junk Email Filter dot com
415-992-3400
