Message from mulligaj
> Good idea, but with such a diverse range of machines and OS's that the
> telnets are coming from, it is next to impossible. Telnetting from unix
> based systems is a minor case (probably). We use some unix machines (public
> access through telnet). Many PC (dos/windows) based systems in labs. And
> people can use their own machines in their rooms with IPX connections as
> well as trumpet winsock support. So both DOS and Windows clients work, and
> new ones can be added.
>
> I think we need to make a server-side fix. And that is where the problem
> arises.
I don't think it is really a server-side problem. The whole concept is flawed.
Since a smtp server cannot possibly distinguish between a telnet connection
of a simple user program or /usr/etc/mconnect, there isn't much to fix.
Inserting additional headers telling the real hostname or IP address where the
mail was sent from is somewhat helpful, but still requires the user to check
for that information.
I think the only real fix is to introduce e-mail authentication like PGP or
PEM everywhere and for everybody. If everybody has a public key and there is
a reliable method of key distribution and retrieval, the fakemail problem will
cease to exist (or come back on a different level :-)).
Michael
-------------------------------------------------------------------------------
Michael Finken Conware Computer Consulting GmbH
E-Mail: finken @
conware .
de Killisfeldstr. 64
76227 Karlsruhe
Tel.: +49 721 9495-0
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Linux - The choice of a GNU generation.
-------------------------------------------------------------------------------
Follow-Ups:
References:
|
|
