[LINK] Question re spoofing with bad reply address

Stephen Rothwell sfr at rothwell.id.au
Fri Jul 11 14:27:31 AEST 2014


Hi Hamish,

On Wed, 09 Jul 2014 17:55:27 +1000 Hamish Moffatt <hamish at cloud.net.au> wrote:
>
> > It also doesn't help for those with email addresses in domains that
> > other people using the same domain post from lots of different places.
> > (e.g. other members of my family use various ISP's outgoing mail
> > servers)
> >
> 
> Yes, that's true. It might not suit all domains, and users might need to 
> adapt. Any reason why your other family members couldn't use an 
> authorised sender instead though?

Well, if for no other reason than that many ISPs insist that you use
their mail server for outgoing email and people change ISPs every now
and then.  Yes, I could ask them all to use the submission port on my
server and set up accounts for all of them but most of them also have
other email accounts (like gmail) and most of them are not very tech
savvy ...

> Email security is pretty poor, can we expect to fix it without the users 
> changing their configurations at all?

No, we can't, but SPF is not a good solution.

-- 
Cheers,
Stephen Rothwell
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <https://mailman.anu.edu.au/pipermail/link/attachments/20140711/c86207e9/attachment.sig>


More information about the Link mailing list