Path: ...!news-out.netnews.com!s1-2.netnews.com!feeder.usenetexpress.com!tr3.iad1.usenetexpress.com!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!nnrp.usenet.blueworldhosting.com!.POSTED!not-for-mail
From: "Edward Rawde" <invalid@invalid.invalid>
Newsgroups: sci.electronics.design
Subject: Re: Phishing
Date: Fri, 6 Sep 2024 20:41:49 -0400
Organization: BWH Usenet Archive (https://usenet.blueworldhosting.com)
Lines: 57
Message-ID: <vbg7ge$2pms$1@nnrp.usenet.blueworldhosting.com>
References: <vbcvp4$eoqp$1@dont-email.me> <vbdgep$kgm$1@nnrp.usenet.blueworldhosting.com> <vbfivs$tlhp$3@dont-email.me> <vbg51a$lm8$1@nnrp.usenet.blueworldhosting.com> <vbg6k6$10i21$1@dont-email.me>
Injection-Date: Sat, 7 Sep 2024 00:41:50 -0000 (UTC)
Injection-Info: nnrp.usenet.blueworldhosting.com; logging-data="91868"; mail-complaints-to="usenet@blueworldhosting.com"
Cancel-Lock: sha1:M1UxQ0bOQie7Ff+lZQFY3C3G4VY= sha256:rbTzBtgq4lVC8w7BWTnhqjjIYh/8xfse900m006WyHk= sha1:mtm1Qixo7xpVDrP21AiZ7xZNwDw= sha256:Mt+he83MzvjbbmJK4OmIORYZ/EhtYEOv+q8agK78Dow=
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157
X-Newsreader: Microsoft Outlook Express 6.00.2900.5931
X-MSMail-Priority: Normal
X-RFC2646: Format=Flowed; Response
X-Priority: 3
Bytes: 4048

"Don Y" <blockedofcourse@foo.invalid> wrote in message news:vbg6k6$10i21$1@dont-email.me...
> On 9/6/2024 4:59 PM, Edward Rawde wrote:
>>> OTOH, if you are a WELCOMED caller, the phone actually *rings*.
>>>
>>> Two of our phones only accept calls from the OTHER of our
>>> phones (the numbers have never been "given out" to anyone
>>> so an incoming call that is not from one of our phones is
>>> obviously not something we want to receive).  If you
>>> deliberately fail to set up your voicemail, then these
>>> calls just fall off into never-never-land.
>>>
>>>> I don't bother filtering email except at the server level where some countries can't connect inbound at all.
>>
>> Actually that's not quite true because at the server level I also have
>> https://rspamd.com/ which works well.
>
> I let my MTAs handle spam detection.  But, they can't determine if a
> "please verify your email" message is warranted, or not.  And, those
> often contain a link to make it easier for you to invoke a browser
> at the specific target URL.
>
>> I can't remember when I last got a message containing a dodgy URL or dodgy attachment.
>> Unexpected attachments are always discarded.
>
> I regularly receive attachments from folks on my non-published accounts.
> Often, just photos that they are using to illustrate something.  Other
> times, large chunks of code or documentation.  Sometimes, EXEs (where
> they want to illustrate the behavior of a piece of code and know that I
> don't have access to their native RTOS to run a compiled binary for it).

I never allow an MTA to do anything with an exe other than discard it.
If I have a need to send an exe it goes in a zip which is made downloadable.

>
> The same applies in reverse.  E.g., if I want to get an appraisal of
> the differences in pronunciation for different algorithms, it's easier
> to send them a WINDOWS binary and let *them* choose the words to compare.
> This lets them also play with the characteristics of the *voice* (which
> is different from the *pronunciation*) to accentuate any differences
> they perceive -- based on their own hearing artifacts.
>
> Of course, this all gets executed in a sandbox (belts-n-braces).
>
>> Sometimes I'll have a look at where a dodgy URL goes but most often it goes nowhere due to my outbound filtering.
>>
>>> The phishing protection doesn't rely on filtering messages.
>>> Rather, just not making URLs easy to access (or attachments
>>> easy to open).
>>>
>>> Folks who have any of my "non-public" email addresses are
>>> treated like you would expect a trusted correspondent to be
>>> treated.  But, traffic on the "public" (published) accounts
>>> is highly censored.
>
>