[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Email Spoofing

To: Dirk Schreiner <dirk.schreiner@xxxxxxx>
Subject: Re: [suse-security] Email Spoofing
From: Markus Gaugusch <markus@xxxxxxxxxxx>
Date: Thu, 22 Jul 2004 00:01:34 +0200 (CEST)
Cc: suse-security@xxxxxxxx
Delivered-to: mailing list suse-security@xxxxxxxx
In-reply-to: <40FEDEA5.6040206@xxxxxxx>
List-help: <mailto:suse-security-help@suse.com>
List-post: <mailto:suse-security@suse.com>
List-subscribe: <mailto:suse-security-subscribe@suse.com>
List-unsubscribe: <mailto:suse-security-unsubscribe-suse=archive.cert.uni-stuttgart.de@suse.com>
Mailing-list: contact suse-security-help@xxxxxxxx; run by ezmlm
References: <40FEA2E0.7060301@xxxxxxxxxxx> <Pine.LNX.4.60.0407211955250.21573@xxxxxxxxxxxxxxxxxx> <20040721143803.y8wqqscogwws48w4@xxxxxx> <40FEBBF7.3000502@xxxxxxx> <Pine.LNX.4.60.0407212110430.27602@xxxxxxxxxxxxxxxxxx> <40FEDEA5.6040206@xxxxxxx>

On Jul 21, Dirk Schreiner <dirk.schreiner@xxxxxxx> wrote:

Markus Gaugusch schrieb:
Yes, it breaks forwarding. But facing the amount of spam, the number ofmails that bounce because of incorrect (old-style) forwarding should beneglegible.
incorrect (old-style)?
Could you please post the RFC with the "new-style".

SPF suggests remailing instead of forwarding. I'm pretty sure that thisdoes not bother any RFC. The old method may not be incorrect, but it isjust incompatible with SPF. Sorry for the wrong wording.

Your suggestion with signatures are also nice, but I think that 1 millionadministrators are easier to convince to perform infrastructure upgrades,than billions of (mostly stupid) users. I don't think that SPF is so bad,and I haven't heard of any other problems than forwarding. Digitalsignatures, though, are something that probably not even everyone onsuse-security has tried. And I don't want to see the next MS Outlookversion with integrated signatures that will break like everything elsethey make. Infrastructure security should be done by administrators, notby end users. Although there are still too many stupid admins out there :(

And yes, I know, that the forwarding problem doesn't hit me, but theinnocent receiver who forwards mail from my account to his SPF-protecteddomain via a non-SPF aware host in the middle. But if that case happens, Icould either send mails to him directly, or try to convince the "middle"host owner to do something against the sky-raising amounts of spam and doremailing instead of forwarding.

Dirk
Going sleeping.

BTW: if anybody is not amused about that long signature.
    I cannot go around this because company GW is doing that.
    And using my host`s SMTP-Server is not possible due to
    people checking Reverse-Lookup and doing SPF. :-/

You could at least use sigdashes ("-- ", the trailing blank is important!)to make users of good mail clients not-so-annoyed :)


Markus
--
__________________    /"\
Markus Gaugusch       \ /    ASCII Ribbon Campaign
markus(at)gaugusch.at  X     Against HTML Mail
                      / \

--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here

References:
- [suse-security] Email Spoofing
  - From: Eric Kahklen
- Re: [suse-security] Email Spoofing
  - From: Markus Gaugusch
- Re: [suse-security] Email Spoofing
  - From: suse
- Re: [suse-security] Email Spoofing
  - From: Dirk Schreiner
- Re: [suse-security] Email Spoofing
  - From: Markus Gaugusch
- Re: [suse-security] Email Spoofing
  - From: Dirk Schreiner

Prev by Date: Re: [suse-security] Email Spoofing
Next by Date: Re: [suse-security] Email Spoofing
Previous by thread: Re: [suse-security] Email Spoofing
Next by thread: [suse-security]
Index(es):
- Date
- Thread