gabriel rosenkoetter on 26 Jan 2004 04:38:02 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] WARNING!!!


On Sun, Jan 25, 2004 at 05:29:13PM -0500, LeRoy Cressy wrote:
> With the email address forging there must be a way to filter or block 
> this worm.

SMTP provides NO authentication, so no, there's no way to tell that
that email was forged. (There are some recently proposed hacks to do
this sort of thing in DNS, but it would be nearly impossible to
force something like that on every subscriber of this mailing list.)

> I saw that both have the following strings that you could filter.

What "you" is it that should be filtering here?

If you want to filter things, please filter them for yourself. It's
not PLUG's responsibility to protect you from the inherent
insecurities of your MUA.

Walt had NOTHING TO DO with that message. Both he and the PLUG
posting address happen to be in someone else's Outlook addressbook.

Also, while all the header information is cute, there's really
nothing you could provide that's as useful as MCT's logs. I don't
have the energy to figure out the real source (if it's even possible
to attach an email address to that, which it probably won't be). If
you do, that's swell, but could you please do it *off* the mailing
list?

-- 
gabriel rosenkoetter
gr@eclipsed.net

Attachment: pgpTi0F4YfIja.pgp
Description: PGP signature