Firewalls: Re[2]: SMTP mail spoofing

Firewalls
(June 1994)

Indexed By Thread: [Previous] [Next]

Subject:	Re[2]: SMTP mail spoofing
From:	dcrocker @ mordor . stanford . edu (Dave Crocker)
Date:	Mon, 27 Jun 1994 10:52:32 -0700
To:	Dorian_W_Smith @ isc_smtp . isc . nva . ge . com (Dorian W Smith)
Cc:	0001000502 @ mcimail . com, Brent Chapman <brent @ GreatCircle . COM>, Firewalls @ GreatCircle . COM

At 8:13 AM 6/27/94, Dorian W Smith wrote:
>     If you really need to know about your mail delivery you need X.400.
>     X.400 and parts of X.500 (either implemented as X.500 or integrated

This is wrong.

It is a common error, but it is still an error.  If the mail is traversing
uncontrolled paths, I believe that X.400 offers nothing different from what
is offered by SMTP.

To the extent that you are referring to X.509-based stuff, then we can also
cite PEM/PGP/RIPEM/... for Internet (SMTP/RFC822/MIME)-based authentication
and data integrity.

In other words, technical solutions exist for both camps.  They just aren't
being used very heavily.

The question is not about the ability to record audit trails, modification
actions, or the like.  It is about the ability to detect the occurrence of
these things, independent of the cooperation of the "attacker".

Dave

Dave

+1 408 246 8253  (fax:  +1 408 249 6205)

Indexed By Date	Previous:	Re: Macs, PPP, and S/Key From: moose @ svcdudes . com (Michael Rutman)
Indexed By Date	Next:	Re: firewalling an unusual topology From: jerry @ tcs . com (Jerry Carlin)
Indexed By Thread	Previous:	Re: Re[2]: SMTP mail spoofing From: Sean . Bennett @ UK . Sun . COM (Martin Sean Bennet - Sun UK - CSG Engineer)
Indexed By Thread	Next:	Re: Re[2]: SMTP mail spoofing From: Frederick M Avolio <avolio @ tis . com>