On Thu, Mar 31, 2005 at 04:14:02PM +0200, [EMAIL PROTECTED] wrote: > I have a question concerning spoofing in Jabber. I would like to send a > message > to a user connected to the same server than me. When I change the "from" > attributes in my <message> tag, nothing happens. I thought the dialback > mechanism was only between 2 different servers. Is there another mechanism to > prevent this kind of spoofing ?
Dialback prevents hostname spoofing. Servers are also required to enforce the from address to make sure that it matches the username with which the client authenticated. > Does someone know how to spoof a JID ? Um, we deliberately made that hard to do. /psa _______________________________________________ jdev mailing list [email protected] http://mail.jabber.org/mailman/listinfo/jdev
