|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
On Sun, 21 Mar 2004, Art Clemons wrote:
> > Part of the problem is defining "header forging". Clearly spam messages
> > sent with a From: address of something at yahoo.com would be considered
> > forged...but what about this email? The From: address on it is jeffm at
> > iglou.com. But I'm currently using my laptop at my parents' house,
> > through their cable modem connection. I'm sending this with my jeffm at
> > iglou.com From: address because *I* am jeffm at iglou.com. But my
> > laptop isn't on an iglou.com Internet connection at the moment. Now, in
> > this case, its not all that big of a deal because IgLou has considerable
> > clue and provides SMTP AUTH based relaying, so this email will bounce
> > off of IgLou's servers.
> >
>
> It's simpler than you think. One solution would be for more ISPs to use
> IMAP instead of POP mail. Then from your parents house you could still
> connect to the servers of whichever mail server being used to send the
> mail. Note that using IMAP would force servers to be sure an actual
> validated user was sending the email. IMAP does have some likely
> security holes but those can be filled.
Even if you forget about the potential security problems, you are going to
be hard pressed to get isp's to use IMAP. pop3 pulls the mail to the users
local machine. IMAP leaves the mail on the server. Guess who would need tons
more storage available to make IMAP usable.
Just my $.02
Tom
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|