Re: fake email
From: Frank Slootweg (this_at_ddress.is.invalid)
Date: 09 Aug 2004 09:35:52 GMT
Wary <firstname.lastname@example.org> wrote:
> "Frank Slootweg" <email@example.com> wrote in message
> > Wary <firstname.lastname@example.org> wrote:
> > > It is possible to fake the header of an email to make it look as
> > > if some one else sent it. Is it possible to do this in such a way
> > > that any reply is sent to the actual sender rather than the person
> > > it appears to be from? Is there any way to detect if this has
> > > been done?
> > Yes. Yes. Yes.
> How do I detect if this has been done?
By verifying the validity of all headers. In very simple cases, the
Reply-To: or Return-Path: or other lines like Sender: will give it away.
In more 'sophisticated' cases, there will be clues in the Received:
Basically, in email, like in News/Usenet, there *is* no 'security'.
Everything can be forged and often is.
If you want to learn more, then browse the email groups and their
FAQs, for example news.admin.net-abuse.email.