Re: anonymous messages


jam@radc-lonex.arpa
Wed, 9 Nov 88 14:40:24 EST


>From: raj@PARIS.ICS.UCI.EDU
>
>I've been meaning to bring this topic up for quite a while so maybe this is
>the time to do it. We all know (don't we?) that anyone can use telnet to
>connect to the SMTP port on a machine and directly type in mail, thus making
>it appear as though it comes from anyone they like. This has been taken
>advantage of here at UCI by our undergrads a few times. (Enough that it
>started becoming a bother!) It seems to me as if we could solve this whole
>problem once and for all by simply requiring the originating port for SMTP
>deliveries to be a privileged port ( < 512 ). As a matter of fact, we could
>probably require the originating port to be 25 as well as the destination port.
>(Afterall, a pair of IP addresses and port numbers fully specify a TCP
>connection and why would you want 2 SMTP deliveries between the same pair of
>machines at the same time? Anyway, if you do we can always make it simply
>"any port number < 512.")
>
        Many services (rsh, etc.) require the port number to be in the range
        512 to 1024. Under UNIX this is considered a privleged port, the
        lower ports are reserved for servers.

        One potential problem I see, what if someone tries to establish a
        connection to send you mail while your busy trying to talk to another
        system. If you are using port 25 to send with, who's listening for
        mail?

        Because the 1024 bit is not standard, some implementations of TCP
        allow any old program to use lower port numbers...

        Also this is great, until someone with root on another machine
        tries to pull another fast one. Of course if you monitor
        your machine closely you would notice the attempt...

>Now, before people start complaining about how this change isn't backward
>compatible, etc., let me finish. For a period of a year or so everyone could
>simply insert a header like:
>
>X-Warning: This message arrived at xyz.site through an insecure port.
> ... text deleted

        "insecure"? Of course many people in government circles (check my
        address) are distinctly paranoid at the moment...

        What exactly would this buy us? If it was really a mail item it
        doesn't matter, if an attack nobody gets the mail! Just have
        the mailer log ports too.

Joel



This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:44:29 GMT