Sponsored link
Vyatta –
Linux & Open Source
Alternative to Cisco –
Advanced Routing,
Firewall, VPN, QoS..
Free Download ->
| |||||||||||
Fake Red Hat security updateFake Red Hat security updatePosted Oct 25, 2004 16:42 UTC (Mon) by csm1975 (subscriber, #15864)Parent article: Fake Red Hat security update
SPF would prevent this sort of email from being accepted by the victim. Red Hat *DOES* have proper SPF records in DNS.
;; ANSWER SECTION:
So... if persons who received this email were to implement SPF on their end they would not get another one of these that "purported" to be from redhat.com.
http://spf.pobox.com for more information.
(Log in to post comments)
Fake Red Hat security update Posted Oct 25, 2004 18:25 UTC (Mon) by admcd (subscriber, #5415) [Link] Would SPF have prevented this?
What if the e-mail came from the fedora-redhat.com domain given in the e-mail? The owner of that fake domain could even have published SPF records for it, if they really wanted to.
Fake Red Hat security update Posted Oct 25, 2004 19:45 UTC (Mon) by csm1975 (subscriber, #15864) [Link] My SPF config would have...
If it had come from the fedora-whatever site it would not have but that wouldn't have been much of a phishing attempt would it?
Fake Red Hat security update Posted Oct 26, 2004 7:35 UTC (Tue) by admcd (subscriber, #5415) [Link] In which case you wouldn't have clicked on the www.fedora-redhat.com link. So SPF would have made no difference either way.
Fake Red Hat security update Posted Nov 4, 2004 15:41 UTC (Thu) by job (subscriber, #670) [Link] No, SPF would not have prevented that. The sender would have said "MAILFROM: myownsite.com", and "From: security@redhat.com" to you and you would be none the wiser. How often do you read your mail transactions to catch that suspicious looking line? Most people never have. Yet everyone and their dog wants to have opinions about how mail transport done. Learning how it works is much wiser, but few do.
|
|||||||||||