If you really need to know about your mail delivery you need X.400.
X.400 and parts of X.500 (either implemented as X.500 or integrated
into X.400 against standards conventions) can tell you whether mail
came from a certain individual, whether it was changed enroute,
whether a certain person received it or not, etc. Lotus Notes does a
part of this as well. X.400 will go through the Internet on TCP/IP
and has a standard port assignment to help with firewalls. We have
some of these systems running on some of our customer's sites. If you
want more, send me an E-mail request for what you are looking for and
I can direct you to people who can answer your questions.
Dorian
______________________________ Reply Separator _________________________________
Subject: Re: SMTP mail spoofing
Author: Brent Chapman <brent @
greatcircle .
com> at isc_smtp
Date: 6/22/94 7:50 AM
Received: by ccmail from iscserver.isc.nva.ge.com
>From owner-firewalls-outgoing @
greatcircle .
com
X-Envelope-From: owner-firewalls-outgoing @
greatcircle .
com
Received: from thomas.ge.com by iscserver.isc.nva.ge.com (4.1/GEA Sun server
2.8B )
id AA19836; Wed, 22 Jun 94 07:56:04 EDT
Received: from ns.ge.com by thomas.ge.com (5.65/GE Internal Gateway 1.25) with
SM TP id AA25779; Wed, 22 Jun 94 02:33:36 -0400
Received: from relay1.UU.NET by ns.ge.com (5.65/GE Gateway 1.23) with SMTP id
AA1 4478; Wed, 22 Jun 94 02:19:55 -0400
Received: from mycroft.GreatCircle.COM by relay1.UU.NET with SMTP (rama) id
QQwvi v28107; Wed, 22 Jun 1994 02:25:01 -0400
Received: from localhost by mycroft.GreatCircle.COM
(8.6.5/SMI-4.1/Brent-940615)i d FAA17549; Wed, 22 Jun 1994 05:26:34 GMT
Received: from mycroft.GreatCircle.COM by mycroft.GreatCircle.COM
(8.6.5/SMI-4.1/ Brent-940615)id WAA17542; Tue, 21 Jun 1994 22:26:28 -0700
Message-Id: <199406220526 .
WAA17542 @
mycroft .
GreatCircle .
COM>
To: David Brooks <0001000502 @
mcimail .
com>
Cc: Firewalls <Firewalls @
greatcircle .
com>
Subject: Re: SMTP mail spoofing
In-Reply-To: Your message of Tue, 21 Jun 94 18:22 EST
Date: Tue, 21 Jun 1994 22:26:26 -0700
From: Brent Chapman <brent @
greatcircle .
com>
Sender: Firewalls-Owner @
greatcircle .
com
Precedence: bulk
David Brooks <0001000502 @
mcimail .
com> writes:
# We would like to know if there is a good way to determine is someone is
# spoofing our mail gateway. Is there a "secure" smtpd or other software
# available that will detect/reject connections from someone pretending to
# be someone else?
#
# db
In a word: no.
SMTP makes absolutely no attempt at guaranteeing the authenticity of
messages. There's no way in the protocol to tell if the message
coming in is "really" from who it says it is, or from someone else.
About the only thing you can do is authenticate the connection (i.e.,
that the machine on the other end is really who you think it is), and
then determine what you're willing to believe and what you're willing
to accept from that machine. You'd need something like a
Kerberos-modified version of Sendmail to do the authentication.
-Brent
--
Brent Chapman | Great Circle Associates | Call or email for info about
Brent @
GreatCircle .
COM | 1057 West Dana Street | upcoming Internet Security
+1 415 962 0841 | Mountain View, CA 94041 | Firewalls Tutorial dates
Follow-Ups:
|
|
