[1153] in WWW Security List Archive
Re: mail port
daemon@ATHENA.MIT.EDU (Marc VanHeyningen)
Thu Nov 9 14:04:20 1995
From: marcvh@spry.com (Marc VanHeyningen)
To: "Ross F. Jimenez" <rfjimen@tesuque.cs.sandia.gov>
cc: www-security@ns2.rutgers.edu
In-reply-to: Your message of "Wed, 08 Nov 1995 22:17:51 MST."
<Pine.SUN.3.91.951108221322.16290B-100000@tesuque.cs.sandia.gov>
Date: Thu, 09 Nov 1995 07:54:46 -0800
Errors-To: owner-www-security@ns2.rutgers.edu
> I have a question... you can telnet to a mail port (25) and send mail
> from it,,to any person, and put it's from anybody you want, are you not
> suppose to do this,, or can anybody do this, can the mail be tracked ??
> It would seem like a big security flaw if you could send false mail so
> easily... ???
How horrible! Why, just imagine if physical mail were so insecure that
anybody could write a letter with a return address of somebody else on it!
