Hijacked email address.
Ugo Bellavance
ugob at lubik.ca
Fri Apr 18 14:31:37 UTC 2008
kent at songbird.com a écrit :
> On Thu, Apr 17, 2008 at 01:31:49PM -0400, Ugo Bellavance wrote:
>>> There is NO way to prevent people from forging your name to the From: line
>>> on an e-mail message.
>> False.
>
> No, it's true. There is no way to prevent people from forging the From:
> header.
Ok.
>
>> SPF can help. DomainKeys can help.
>
> These things help detect forgeries after the fact, but they don't do
> anything to prevent forgeries in the From: line. They aren't designed for
> that purpose.
Exact, but if the recipients are rejecting messages based on a SPF
hardfail, for example, the result will be that there would be no
backscanner (which is what the OP wanted to prevent).
>> Some other mechanisms like
>> watermarking in MailScanner, and there is also something called EMEW in
>> BarricadeMX (http://www.fsl.com/barricademx.html). There might be other
>> means, I only know those.
>>
>> For SPF and DomainKeys, it depends on the proportion of mail servers
>> that check them.
>>
>> For the 2 others, it assumes that all of your outgoing mail is going
>> through the MailScanner/BarricadeMX system(s)
>
> A forged email can come from any server in the world.
What I meant is that with watermarking, any e-mail that comes from the
empty enveloppe, is validated with a watermarking, that allows the
incoming server to determine if the original e-mail that caused the DSN
was originating from itself. If it doesn't it can simply reject it,
still achieving the goal of the OP.
Ugo
More information about the redhat-list
mailing list