On Sat, 18 Jan 2014, Michael Monnerie wrote:
Dear list, since this week there are tons of very good forged bills that look
like real, from big companies like telekom, vodafone, etc. They look like the
original, and just the link in the middle, where it says "download your bill
here", goes to a site containing trojans.
[snip..]
domain. Also, as Vodafone uses SPF, I'd like to check if I hit VODAFONEgood
&& !SPF signature in the mail.
The problem with all this is, that there are MANY companies, so does someone
have a better idea?
For companies who use SPF or DKIM, create a whitelist_auth entry for them
then either black list them or create rules to hit on any sign of the
comnpany's messages. The whitelist_auth will override any rules so real
messages will get thru and the blacklist/targeted rules will hit the
imposterers.
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
