|
![](/i/fill.gif) |
On 4/7/2012 20:29, Patrick Elliott wrote:
> but what would you rather get, 500 different
> emails from 10.254.23.1, each one with a different domain name,
You mean, like, google app hosting?
> or the
> ability to mask out ones that go through 2 other "external" IPs, which you
> can surmise makes it a probable fraud, and only have to look at 1-2 emails
> that come from similar locations.
How do you tell there are 500 different emails each with a different domain
name without looking at them?
> For the most part, unless something goes **very** wrong in a network, or a
> major change happens to its morphology, its not just the endpoint that can
> be used to figure where it came from.
And it isn't. The ISPs do it too. It's just a lot of overhead for small ISPs.
> Instead of even an attempt at a smart solution, what we get is clients that
> hide the routing information, and let the scammers add
> "http://www.wellsfargo.com/accounts" to the "mouse over" for all the damn
> links, so that you either a) copy and paste that (it doesn't copy the real
> address under it), and end up at the legit point, of you click the link, and
> end up at "wells.fargo.scam.robyoublind.ru". In other words, the ***EXACT
> OPPOSITE*** of better security, and threat identification.
None of which has anything to do with where email originated from.
--
Darren New, San Diego CA, USA (PST)
"Oh no! We're out of code juice!"
"Don't panic. There's beans and filters
in the cabinet."
Post a reply to this message
|
![](/i/fill.gif) |