On 4/30/2012 2:19 PM, Jacob Beauregard wrote:
> On 04/30/2012 01:34 PM, J. Greg Mackinnon wrote:
>> There are lots of online resource available to help you identify a 
>> phish.  Google around a bit.  A good starting point might be:
>> http://pages.ebay.com/education/spooftutorial/index.html
>> On this page, ebay support explains how to spot a fake email message 
>> from ebay.  Much of what is covered here also applies to 
>> communications from UVM support staff.
> Tangentially related, is there a way to tell whether an email from a 
> UVM address (presumably to another UVM address) was authenticated via 
> username/password? I'm thinking to verify, that the first "Received" 
> header would be smtp#.uvm.edu, and specify SSL/TLS. However, I don't 
> know whether there's a specific indicator in the headers, which would 
> be useful.

Our email admins would have more authoritative info, but my 
understanding is that all email headers can be forged, so there would be 
no conclusive way to prove that a message was "authentic" from mail 
headers alone.  Mail signatures might be useful here, or they may just 
confuse everyone to death.  Hard to tell.

-Greg