I agree,
I'm not a application Security expert, but why can the banks issue a
authentication Certificate, and only allow connections to those who are
authenticated?
Russell Sharpe
rsharpe(a)paradise.net.nz
Ph +64 4 9717665, +64 21 742 773
Fax +64 4 9717635, +64 21 342 776
-----Original Message-----
From: Craig Whitmore [mailto:lennon(a)orcon.net.nz]
Sent: Monday, 19 September 2005 17:52
To: Matthew Poole; nznog(a)list.waikato.ac.nz
Subject: Re: [nznog] New phish - Westpac
Banks should be proactive in these type of things. westpacs phish would of
been stopped if they had SPF records.
Quite a number of Banks in the States and other places have started to put
SPF records in to stop this phishing (This is what SPF is used for (not
Anti-Spam))
The IRD/SSC/Treasury (the 3 most important NZ government areas) have SPF
records (and they use -all which is good).
Before you reply. I've heard all the Anti-SPF abuse before. Yes it can break
forwarding, but people shouldn't forward without your permission (and then
you change your SPF records to allow this)
Thanks
Craig
http://www.spam.co.nz/spf
----- Original Message -----
From: "Matthew Poole"