| Art Clemons on 21 Mar 2004 23:49:02 -0000 |
|
Part of the problem is defining "header forging". Clearly spam messages sent with a From: address of something at yahoo.com would be considered forged...but what about this email? The From: address on it is jeffm at iglou.com. But I'm currently using my laptop at my parents' house, through their cable modem connection. I'm sending this with my jeffm at iglou.com From: address because *I* am jeffm at iglou.com. But my laptop isn't on an iglou.com Internet connection at the moment. Now, in this case, its not all that big of a deal because IgLou has considerable clue and provides SMTP AUTH based relaying, so this email will bounce off of IgLou's servers. It's simpler than you think. One solution would be for more ISPs to use IMAP instead of POP mail. Then from your parents house you could still connect to the servers of whichever mail server being used to send the mail. Note that using IMAP would force servers to be sure an actual validated user was sending the email. IMAP does have some likely security holes but those can be filled. ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|