>I am currently working with a customer with exactly this problem.
>Pine, Eudora, Netscape all rely on the "preference" setting for the name
>and address of the sender. They have had students masking as teachers
>sending mail. Some of this mail is of a nature banned by the AUP of the
>site in question. It has caused much grief. I would love to have a
>solution as well, but IDENTD is not it. Far too easy to spoof. and in
>the case of a PC, I just set it to whatever I want to return.
>Remember, the PC/Windoze platform is *not* secure (yet)
>
>- --
>Michael Baumann
>Electus Technology Inc. / Loma Linda University Medical Center
>San Bernardino, California. (909)799-8308 |Internet: baumann@llumc.edu
It seems when dealing with faked email there are several issues to be
concerned with.
The primary one is user education of email. Just as you should not blindly
trust the authenticity of a postal letter received, so should you not blindly
trust an email message. Until email users are educated to this fact, there
will always be problems with plain text sendmail spoofing.
The second issue is using some means of verifying the source of the message.
While not 100% foolproof, if each sendmail site tagged the message with its
machine ip address of origin (in an end-user understandable format), a lot of
the simple spoofing could be easily recognized. Of course, this depends on
each receiving site implementing such a feature. Most versions of sendmail
already do this via the "Received by" path headers, however many end-user
email systems hide those from the user. Ideally, if you really want to be
sure a message is real, you should use something like PGP to authenticate the
contents.
In the specific case you mention above, where students are masquerading as
professors at the same site, it seems PGP would be the best solution. If the
professors got in the habit of using it consistently, the problem would be
greatly reduced.
User education is the only solution if something like PGP isn't a viable
option. If a message is received that is something fairly important (like
cancel all my appointments for next week), its validity should be confirmed
by an "out-of-band" means, such as a followup phone call, or, worst case, an
email reply back.
In many cases, it's good to provide a simple illustration of how unsafe email
is to users when they first start using the system. As part of their initial
setup, besides having a normal "Welcome to email" message, also include a
simple spoof message from your favorite celebrity explaining how email can't
be trusted at face value. Hopefully that will introduce enough skepticism
so they will consider using something like PGP.
-brian
------------------------
brian_stormont@projo.com
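The "Received" path check Brian describes, as an added example that is not part of the thread: it walks the Received: headers oldest-first to find the host where the message actually entered the mail system, then shows that beside the claimed From: address so a user or a simple filter can spot the student-on-a-lab-PC case. The sample message and the trusted submission-host list are constructed for illustration.

```python
import re
from email import message_from_string

# Constructed sample (not from the thread): From: claims a professor, but the
# bottom-most Received: header shows the message entered from a dorm lab PC.
SAMPLE = """\
Received: from mail.example.edu (mail.example.edu [192.0.2.10])
 by mailhub.example.edu with SMTP id abc123; Mon, 3 Mar 1997 10:02:11 -0800
Received: from lab-pc-17.dorm.example.edu ([192.0.2.77])
 by mail.example.edu with SMTP id xyz789; Mon, 3 Mar 1997 10:02:09 -0800
From: Prof. Smith <smith@example.edu>
To: dean@example.edu
Subject: Cancel all my appointments next week

Please cancel everything.
"""

# Hypothetical list of hosts the site trusts to have identified the sender.
TRUSTED_SUBMISSION = {"mail.example.edu", "pine.example.edu"}

RECEIVED_FROM = re.compile(r"\bfrom\s+(\S+)", re.IGNORECASE)

def received_chain(raw):
    """Received: headers oldest-first. Each relay prepends its own header,
    so the last one in the message is the hop that first accepted it."""
    return list(reversed(message_from_string(raw).get_all("Received") or []))

def origin_host(raw):
    """Host named in the oldest Received: header, or None if there is none."""
    chain = received_chain(raw)
    if not chain:
        return None
    m = RECEIVED_FROM.search(chain[0])
    return m.group(1).lower().rstrip(";") if m else None

def claimed_address(raw):
    """Address the From: header claims, lowercased, or None if absent."""
    m = re.search(r"<([^>]+)>|(\S+@\S+)", message_from_string(raw).get("From", ""))
    return (m.group(1) or m.group(2)).lower() if m else None

def assess(raw, trusted=TRUSTED_SUBMISSION):
    """End-user summary: who the message claims to be from, where it really
    entered the mail system, and whether that entry point is a trusted host."""
    origin = origin_host(raw)
    return {
        "claimed_from": claimed_address(raw),
        "origin": origin,
        "trusted_origin": origin is not None and origin in trusted,
    }

if __name__ == "__main__":
    print(assess(SAMPLE))
```

A message with no Received: header at all (injected locally) reports an unknown origin and is likewise not marked trusted.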