[1147] in WWW Security List Archive
Re: mail port
daemon@ATHENA.MIT.EDU (Ong Guan Sin)
Thu Nov 9 11:51:44 1995
To: rfjimen@tesuque.cs.sandia.gov (Ross F. Jimenez)
Date: Thu, 9 Nov 1995 21:56:08 +0800 (SST)
From: "Ong Guan Sin" <cceonggs@leonis.nus.sg>
Cc: www-security@ns2.rutgers.edu
In-Reply-To: <Pine.SUN.3.91.951108221322.16290B-100000@tesuque.cs.sandia.gov> from "Ross F. Jimenez" at Nov 8, 95 10:17:51 pm
Errors-To: owner-www-security@ns2.rutgers.edu
-----BEGIN PGP SIGNED MESSAGE-----
> I have a question... you can telnet to a mail port (25) and send mail
> from it,,to any person, and put it's from anybody you want, are you not
> suppose to do this,, or can anybody do this, can the mail be tracked ??
> It would seem like a big security flaw if you could send false mail so
> easily... ???
Yes, you could fool the sendmail by setting From: field to anything you
want, but sendmail would make an IDENT request (port 113) to your host to
find out who actually make the port 25 request and put that piece of
information into the mail header. So, if you receive a piece of mail
whose mail header says "From: clinton@whitehouse.gov" but with info
like "badguy@badhost.com", then you know what it is ... (If your host has
ident port shut, you will still at least get "@badhost.com" in the header.)
Anyway, the route in which a mail has gone thru is always recorded in the
mail header.
- --
GS
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
Comment: Go for PGP!
iQCVAwUBMKIIceM1L92l84PBAQFaHgP/WlbAbmox4Bo1JQSZgqpYmq8crsNMZSVT
tfAHM+DbFXHWzLDR146m4kWpiyHIVeHS9Vzng4VxIyeffUrkuvGUXcUaKuRFD9Qa
uj2DwZhoiZCoHJaZs0G6LjxEgyempHy2Sl4pWBrS8GAbs9Z0csuFsTqeOLpCOFUZ
Vl+uua9ypkE=
=w84m
-----END PGP SIGNATURE-----
