When is a phish not a phish?

How about, when the email is actually legitimate? But, how do you know, if the company isn't using their brand or company name in the from address? John Levine shares a scary example of what turns out to be a legitimate email, just with really, really poor branding. It makes me seethe, because it goes against everything we're supposed to be teaching end users to know about how to tell a good email from a bad one. (For more on what phishing is, click here.)