> Are there any passive attacks to see mail that arrive on a server
> mail (like
> sniffing)
Yes, appended is a sample, with names and addrsses left intact to shame the
perpetrators.. :-)
> Attacks against mail integrety?
I have heard of mail being altered by the addition of adverts while it passed through
asia from Australia to the US.
That is what PGP and other public/private key signing and encryption software is
intended to combat.
> How can I spoofing a mail adress?
To intercept mail? you'd have to masquerade as the domains mailhost.
To send mail from a bogus sender is easy-peasy, just have the outgoing server insert
the bogus address, and use a bogus From: header when you compose the message.
Typical spammers probe message..
Return-Path: <[EMAIL PROTECTED]>
Received: from 218.70.138.66 ([218.70.138.66])
by linux.killerbees.co.uk (JAMES SMTP Server 3.0a1) with SMTP ID 672
for <[EMAIL PROTECTED]>;
Thu, 16 Jan 2003 08:38:40 +0000 (GMT)
Message-ID: <050049050046050050057046049049057046050049053@gfhfhfghgfhg>
To: <[EMAIL PROTECTED]>
From: [EMAIL PROTECTED]
Subject: DDD
Date: Wed, 15 Jan 2003 16:33:19 -0400
MIME-Version: 1.0
Content-Type: text/plain;
charset="Windows-1252"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.3018.1300
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.3018.1300
049057050046049054056046048046051058078079084058055051051049058049058
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
