Re: fake email

From: Frank Slootweg (this_at_ddress.is.invalid)
Date: 08/09/04

  • Next message: Security Alert: "SSRT3487 rev.4 remote denial of service in tftpd"
    Date: 09 Aug 2004 09:35:52 GMT
    
    

    Wary <noaddress@forme.com> wrote:
    > "Frank Slootweg" <this@ddress.is.invalid> wrote in message
    > news:4117331d$0$18088$4a441750@news.wanadoo.nl...
    > > Wary <noaddress@forme.com> wrote:
    > > > It is possible to fake the header of an email to make it look as
    > > > if some one else sent it. Is it possible to do this in such a way
    > > > that any reply is sent to the actual sender rather than the person
    > > > it appears to be from? Is there any way to detect if this has
    > > > been done?
    > >
    > > Yes. Yes. Yes.
    >
    > How do I detect if this has been done?

      By verifying the validity of all headers. In very simple cases, the
    Reply-To: or Return-Path: or other lines like Sender: will give it away.
    In more 'sophisticated' cases, there will be clues in the Received:
    lines.

      Basically, in email, like in News/Usenet, there *is* no 'security'.
    Everything can be forged and often is.

      If you want to learn more, then browse the email groups and their
    FAQs, for example news.admin.net-abuse.email.


  • Next message: Security Alert: "SSRT3487 rev.4 remote denial of service in tftpd"

    Relevant Pages

    • Re: fake email
      ... By verifying the validity of all headers. ... FAQs, for example news.admin.net-abuse.email. ...
      (alt.computer.security)
    • Re: Examine IP packet
      ... | the headers in an IP packet? ... Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org ...
      (freebsd-questions)
    • Re: dns lookup from .net -- validate email address (domain)
      ... Verifying the validity of the ipaddress is simple enough but does anyone have a sample of obtaining the MX record? ...
      (microsoft.public.dotnet.framework.aspnet)
    • Examine IP packet
      ... Could you recommend a tool that I can use to examine the validity of ... the headers in an IP packet? ...
      (freebsd-questions)