[1161] in WWW Security List Archive
Re: mail port
daemon@ATHENA.MIT.EDU (Shaw Innes)
Thu Nov 9 23:10:06 1995
Date: Fri, 10 Nov 1995 11:01:13 +1000 (EST)
From: Shaw Innes <mcleod@odyssey.com.au>
To: "Ross F. Jimenez" <rfjimen@tesuque.cs.sandia.gov>
cc: www-security@ns2.rutgers.edu
In-Reply-To: <Pine.SUN.3.91.951108221322.16290B-100000@tesuque.cs.sandia.gov>
Errors-To: owner-www-security@ns2.rutgers.edu
On Wed, 8 Nov 1995, Ross F. Jimenez wrote:
> I have a question... you can telnet to a mail port (25) and send mail
> from it,,to any person, and put it's from anybody you want, are you not
> suppose to do this,, or can anybody do this, can the mail be tracked ??
> It would seem like a big security flaw if you could send false mail so
> easily... ???
All current versions of sendmail require/use two things which ensure some
form of tracability. One is the 'HELO' command, and the second is
identd, since most servers now run identd there is a record in the mail
header showing where the mail really came from. I think you are probably
not seeing this part of the header due to the fact you are using a mail
program such as elm or pine which hide them.
Try telnetting to localhost:25 and sending some mail to yourself, then
use vi to examine your mail spool file. It will have a field which says
where the telnet session came from.
Hope that helps,
Shaw
+----------------------------------------+-----------------------+
| Shaw Innes (Internet Consultant) | mcleod@odyssey.com.au |
| IRC: McLeod Phone: (07) 3353 0540 | mcleod@healey.com.au |
| WWW: http://www.odyssey.com.au/mcleod | mcleod@cynergy.com.au |
+----------------------------------------+-----------------------+
