This won't work or will really throw a ball of wax into the works. Look at my e-mail address. This is a perfectly valid address. However, I don't work for the IEEE, I'm a member and this is an alias that forwards to where I really am this month (I've had 3 ISPs in the last 2 years). So I am never posting from the IEEE's domain. You can look at the message ID to find where I writing this from except it is an intranet domain name and won't resolve on the Internet. Check the headers and you will see a third domain name. When I am visiting friends and family, I usually use their ISP's SMTP server for outgoing mail from my laptop. All legitimate mail. And I use different return addresses, depending on the context. E.g., I have two ISPs currently; obviously, I use the address in their domain when corresponding with them. And for a while I was employed by a company with no physical office, only a bunch of people working out of the back bedroom of their home. Work e-mail carried the company's domain name. I could have routed the work e-mail thru the company's mail servers, but that would have meant a lot of extra work for me. Any sysadmin that put such a policy in place would get all his/her users added to my bozo filter (AKA kill file). Just my $0.02USD, Jeffrey Quoting Leah Cunningham <leah@unleashed.org>:
I don't think this is about relaying. Spoofing a from-address can be done
without any relay at all.
Yes, I guess you are right, as long as the domain is valid, it is easy to spoof an email address if the server allows mail to be sent from outside the network. For example, I couldn't send the SMTP command to a modern server:
mail from:leah@leah.leah.leah.leah but I could do mail from:leah@valaddomain.com
Joost, do you know if there is a way for the mail server to check if the IP address you are coming from matches the domain given?
Even then, one could change the user and leave the correct domain intact for external/internal domains.
I just found this out. I had been getting strange entries in my maillog from
sourceforge servers, and their admins told me it had to do with SMTP
callback. i.e. finding out if the from-address is valid or not. I think this
is what's required. But it has nothing to do with relaying, I'm *almost*
certain :).
On Friday 08 June 2001 16:04, Leah Cunningham wrote:
Matt,
I just wanted to share that with you! The id10t who spammed me even
tried spoofing the from address to make it look as if it came from my
own domain, so I forwarded it to them.
Actually, how can one fix this? I am using Sendmail.
You need to disable relaying in sendmail. I'm not positive where
this is, but I imagine someone else here can tell you, or you could
look it up, that's what I ususally do. I thought's SuSE's
sendmail.cf took care of this by default, but I don't remember.
I can't believe it's not UNIX!!!
Leah Cunningham | PPC QA, Business Support &
www.heinous.org | QA & Linux geek, et al.
I can't believe it's not UNIX!!!
Leah Cunningham | PPC QA, Business Support & www.heinous.org | QA & Linux geek, et al.
-- I don't do Windows and I don't come to work before nine. -- Johnny Paycheck