Steve Poe writes:
« HTML content follows »Sam,Thanks for the clarification. Maybe my understand is limited, but I thought these c/r solutions can look at the headers of the emails to help validate where they are coming from not just the return address?
I'm not aware of anything that attempts to go beyond looking at the return address, but rather mindlessly replying to whatever's in the From: header.
It is technically impossible to verify, with any degree of certainty, whether the From: header corresponds to "where they're coming from". Even if you're not technically implied, you can easily see this for yourself: after all, if such a determination can be made, it can simply be done when the message is received, and if it fails the validation check, the mail server would reject the message and not accept it in the first place.
The whole purpose behind these cockamamie challenge-response schemes is precisely because it is impossible to ascertain the validity of the From: header, in any way, without replying back for a confirmation. If it was possible to do so, it can easily be done by the mail server -- and I'll be the first one to implement it -- and the message wouldn't even be accepted for delivery, in the first place.
pgp1BO3kxwBV5.pgp
Description: PGP signature
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
