Phishing protection in an e-mail client?

M

Maksim2019-02-27 15:39:15

Phishing

Maksim, 2019-02-27 15:39:15

Dobryi,
I searched for a thread of a module/plugin for well-known email clients or possibly integrated into some products that signal possible phishing:
What I would like to see:
- in case of a long correspondence (analysis of a chain of letters), letters start to come from a fake domain, for example was domain.com became d0main.com.
- Report the differences between the positions From: and Reply-to:
- It is possible to connect to some database to assess the validity of the domain, for example, a letter came from the domain gmail.com score 10 or gmaill.com score 1
So far I have searched only for Outlook, there is nothing similar I see.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

V

Vladimir, 2019-02-27
@MechanID

1 Mail clients form chains based on the Message-ID field: it is unique enough that you can’t just guess it, and if bad people read your mail, then you already have problems.
2 Substitution of senders in the From: field and any domain.com became d0main.com. - completely blocked if the sender's domain has dkim, strict spf and dmarc, and the recipient's server can check it all.
Therefore, your mail server that receives mail should protect against phishing.