[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Re: My Apologies - I just got Rooted
- From: David Favro <lua@...>
- Date: Sun, 27 Feb 2011 11:07:02 -0500
On 02/27/2011 08:55 AM, Philippe Lhoste wrote:
> The problem with e-mail is that it isn't secured.
> I can just send an e-mail right now stating I am Steve Donovan or Bill Gates
> or any address I find on the Net.
> We can put anything in the From field. I don't think SMTP servers check it
> is correct.
Actually, it's a little more complicated than that. In this case, I didn't
look carefully but it would appear that Steve's credentials were
compromised, i.e. he lost control over his GMail account. So, the spam
message in question wasn't someone forging his email address in the From
header; it really came from his GMail account and there presumably would
have passed most authentication techniques. In this case, there's little
that lua-l's server could have done beyond a Bayesian content scan.
Furthermore, there are already (admitted somewhat crude) methods of
authenticating the origin of email, e.g. DomainKeys and SPF, but many SMTP
servers, as you noted, don't verify this -- although many do. And since
many domains don't implement them on outbound messages, MTA's have no choice
but to accept inbound unauthenticated message for compatibility.
Furthermore these schemes really only verify that the message came from the
correct domain, but not the user within that domain. One could implement a
policy that all messages must bear a valid signature by a known public key
(e.g. SMIME or OpenPGP), but this is also problematic. A truly
comprehensive and reliable sender authentication scheme is not easy to
implement. Of course, it's not easy with paper mail either.
I hope this doesn't qualify as replying to spam -- if so, I apologize for