Re: anonymous messages


Craig F. Everhart (cfe+@andrew.cmu.edu)
Wed, 9 Nov 88 12:39:28 -0500 (EST)


Your plan assumes at least two things:
        (a) that spoofers don't have access to privileged accounts on *any*
machine that might send mail, and
        (b) that people maintaining SMTP/TCP mailers would eventually change
their SMTP senders to send from ``privileged'' ports.
Neither of these is particularly true. But most compromising is the effect
you'd get if (b) were true, the convention became widespread, and yet (a) were
false: all random spoofers would need is to be a sysadmin on some dinky
workstation, and all the ``protection'' you thought you had would vanish.



This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:44:29 GMT