Banks should be proactive in these type of things. westpacs phish would of been stopped if they had SPF records. Quite a number of Banks in the States and other places have started to put SPF records in to stop this phishing (This is what SPF is used for (not Anti-Spam)) The IRD/SSC/Treasury (the 3 most important NZ government areas) have SPF records (and they use -all which is good). Before you reply. I've heard all the Anti-SPF abuse before. Yes it can break forwarding, but people shouldn't forward without your permission (and then you change your SPF records to allow this) Thanks Craig http://www.spam.co.nz/spf ----- Original Message ----- From: "Matthew Poole" <matt(a)p00le.net> To: <nznog(a)list.waikato.ac.nz> Sent: Monday, September 19, 2005 5:31 PM Subject: Re: [nznog] New phish - Westpac