Thanks to all who replied to me. However, I'm not sure if you really
know what I mean.
Many e-mail readers allow you to display the full header of an e-mail.
In the full header, you can see a list of the SMTP hosts that the e-mail
has traversed. Below is part of the header of one of the e-mails I
received -
Received: from honor.greatcircle.com by relay3.UU.NET with ESMTP
    (peer crosschecked as: honor.greatcircle.com [198.102.244.44]) id QQcyvi20024;
    Sat, 19 Jul 1997 02:41:00 -0400 (EDT)
Received: (majordom@localhost) by honor.greatcircle.com
    (8.8.5/Honor-Lists-970308-1) id LAA00816 for firewalls-outgoing;
    Fri, 18 Jul 1997 11:15:37 -0700 (PDT)
It is very common to see the internal host names as part of the path and
even what kind of e-mail gateway is in use, e.g. cc mail g/w or smap
with version numbers (though I explicitly dropped this part in the above
example).
This info is inserted into the e-mail header by sendmail and is defined in
the header section of the sendmail.cf file, like the following -
HReceived: $?sfrom $s $.by $j ($v/$V)
	id $i; $b
Even though I used "Dm" (is it the "masquerade" option Alan referred to?)
to hide the host name of the initiating host, every host that the
e-mail passed through still inserts its name into the header. I tried
commenting out the HReceived line and successfully prevented the e-mail
relay host from inserting its own name, but this caused a mail delivery error!
So, my question is, if the full e-mail header reveals the name of the
internal host or even the type of e-mail gateway used, does anybody
consider this a security hazard? If yes, how can this be avoided?
Vinci.
Alan wrote:
> On Fri, 18 Jul 1997, Alan wrote:
>
> > This can be done with sendmail. You can set up a rule that will strip out
> > the host information.
> >
> > From _Managing NFS and NIS (first edition)_ by O'Reilly & Assoc., pg 196
> > and 197:
> >
> > (This is referring to the rewrite rules in sendmail.cf.)
>
> [Snip]
>
> I forgot that this method is a bit outdated. Check out the "masquerade"
> option. (DM, I think...) That will do it as well, with a whole lot less
> hassle. (The default methods for sendmail 8.8.x include a bunch of
> standard rewrites for incoming and outgoing mail, so those rules will not
> necessarily be blank.)
>
> > If you are planning on doing any sort of hacking on sendmail, I suggest
> > getting the "Bat Book" from O'Reilly & Assoc. (Sendmail 2nd edition.)
> > Make sure you get the 2nd edition, as the first does not cover the lastest
> > incarnation of sendmail. (8.8.x.)
>
> "Latest" not "lastest". Augh. "Dyslexia: name for it by ask!"
>
> alano@teleport.com | "Those who are without history are doomed to retype it."
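
An added example, not part of the original post or of sendmail: a Python audit that reads a message as a recipient would see it and reports which Received: lines disclose RFC 1918 addresses, MTA version strings, or hosts under an internal suffix. The sample message, its host names and the ".corp.example.com" suffix are constructed assumptions.

```python
import email
import ipaddress
import re

# Constructed sample message: host names and addresses are made up; the
# "(version/config)" token follows the format of the header quoted in the post.
SAMPLE = """\
Received: from gw.example.com (gw.example.com [192.0.2.10])
\tby mx.example.net (8.8.5/8.8.5) with ESMTP id AAA00001;
\tFri, 18 Jul 1997 11:20:00 -0700 (PDT)
Received: from pc17.corp.example.com (pc17.corp.example.com [10.1.2.17])
\tby gw.example.com (8.8.5/Site-970308) with SMTP id BAA00002;
\tFri, 18 Jul 1997 11:15:37 -0700 (PDT)
From: user@example.com

body
"""

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
FROM_RE = re.compile(r"\bfrom\s+([A-Za-z0-9.-]+)")
# "by host (token)" where the token contains a digit, e.g. ($v/$V) expanded
BY_RE = re.compile(r"\bby\s+([A-Za-z0-9.-]+)(?:\s+\(([^)\s]*\d[^)\s]*)\))?")

def audit_received(raw, internal_suffixes=(".corp.example.com",)):
    """Return (hop, kind, value) findings; hop 0 is the newest Received line."""
    findings = []
    msg = email.message_from_string(raw)
    for hop, value in enumerate(msg.get_all("Received", [])):
        text = " ".join(value.split())  # unfold continuation lines
        for ip in IP_RE.findall(text):
            try:
                addr = ipaddress.ip_address(ip)
            except ValueError:
                continue  # bracketed text that is not a valid dotted quad
            if any(addr in net for net in RFC1918):
                findings.append((hop, "private-address", ip))
        names = FROM_RE.findall(text)
        by = BY_RE.search(text)
        if by:
            names.append(by.group(1))
            if by.group(2):
                findings.append((hop, "mta-version", by.group(2)))
        for name in names:
            if name.lower().endswith(tuple(internal_suffixes)):
                findings.append((hop, "internal-host", name))
    return findings
```

Run it against a copy of a message as it arrives outside the perimeter, since that is the view an outsider has of the relay path.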