On Jan 6, 2010, at 6:14 AM, Hans Dieter Pearcey wrote:

> If you are relying on From (or Sender) headers for access control, you have
> already lost. Almost every part of the email header and SMTP transaction can
> be faked by a malicious user.

OK - my apologies for such foolish questions, but what then does a typical
discussion list system use to stop such abuse? I'm guessing, perhaps the answer
is, "nothing much else" - there was a story about even Google Groups having this
problem:

http://ejohn.org/blog/google-groups-is-dead/

As far as "access control" - this is basically just for a different mailing list
manager (my thingy, not Google Groups), so the most malicious thing that happens
is that a spam gets posted to a discussion list. I can deal with that from time
to time (and there's a moderation system to help that out, as well).

What I've done is just have an option to not allow multiple addresses cited in
the From: header (and not allowing multiple From: headers as well). It's not
perfect, but it'll help perhaps:

#!/usr/bin/perl
use strict;
use warnings;
use Email::Address;

# Example From: value carrying two mailboxes
my $from = q{...@example.com <spoofer.addr...@malicious-site.com>};

# Email::Address->parse returns one object per mailbox it finds in the string
if (scalar(Email::Address->parse($from)) > 1) {
    print "yikes! no support for that!\n";
}

On Jan 6, 2010, at 6:14 AM, Hans Dieter Pearcey wrote:

> Excerpts from Justin Skazat's message of Tue Jan 05 17:32:25 -0500 2010:
>>> But that can already easily be done, I can just put
>>>
>>> From: You <m...@example.com>
>>>
>>> in my email headers.
>>
>> OK - what should I do about that? What's the general wisdom to help thwart
>> that? Use the Sender: header? Both? Something more fancy?
>
> If you are relying on From (or Sender) headers for access control, you have
> already lost. Almost every part of the email header and SMTP transaction can
> be faked by a malicious user.
>
> If you want authentication, you'll need to either write your own layer on top
> of it (e.g. PGP signing, secure per-user recipient addresses) or use a gateway
> in front of your mail processor that does it (e.g. IP-based filtering in your
> MTA, SASL auth).
>
> hdp.
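The two ideas in this exchange, the From: header sanity check Justin's Perl snippet performs (one From: header, one mailbox in it) and the "secure per-user recipient addresses" hdp suggests, as an added Python example that is not part of the thread and is not either poster's code. LIST_SECRET, the `list+<tag>@domain` address format, the function names and the sample messages are constructed assumptions for illustration.

```python
"""Inbound-post checks for a small list manager (added example, not from the thread)."""
import email
import hashlib
import hmac
from email.utils import getaddresses

# Assumption: a per-list secret that only the list server knows.
LIST_SECRET = b"constructed-secret-change-me"
LIST_LOCAL, LIST_DOMAIN = "list", "example.com"

# Constructed sample messages (not taken from the thread).
TWO_ADDRESSES = (b"From: Alice <alice@example.com>, Mallory <mallory@malicious-site.example>\n"
                 b"Subject: hi\n\nbody\n")
TWO_FROM_HEADERS = (b"From: Alice <alice@example.com>\n"
                    b"From: Mallory <mallory@malicious-site.example>\n"
                    b"Subject: hi\n\nbody\n")
CLEAN = b"From: Alice <alice@example.com>\nSubject: hi\n\nbody\n"


def from_header_problems(raw: bytes) -> list:
    """Reasons to reject a post based on its From: header(s); empty list if clean."""
    msg = email.message_from_bytes(raw)
    froms = msg.get_all("From") or []
    problems = []
    if not froms:
        problems.append("no From header")
    if len(froms) > 1:
        problems.append("%d From headers" % len(froms))
    # getaddresses() splits comma-separated mailboxes, like Email::Address->parse
    addrs = [addr for _, addr in getaddresses(froms) if addr]
    if len(addrs) > 1:
        problems.append("%d addresses in From" % len(addrs))
    return problems


def posting_address(subscriber: str) -> str:
    """Per-subscriber posting address: the tag is an HMAC of the subscriber address."""
    tag = hmac.new(LIST_SECRET, subscriber.lower().encode(), hashlib.sha256).hexdigest()[:16]
    return "%s+%s@%s" % (LIST_LOCAL, tag, LIST_DOMAIN)


def envelope_matches(envelope_rcpt: str, claimed_sender: str) -> bool:
    """True if the envelope recipient is the tagged address issued to claimed_sender.

    Compare the SMTP RCPT TO / Delivered-To value, not the To: header: a poster
    has to know the tagged address to reach the list, while To: is free text.
    """
    expected = posting_address(claimed_sender)
    return hmac.compare_digest(envelope_rcpt.lower(), expected.lower())


def accept_post(raw: bytes, envelope_rcpt: str) -> tuple:
    """Return (accepted, reason) for an inbound post."""
    problems = from_header_problems(raw)
    if problems:
        return False, "; ".join(problems)
    msg = email.message_from_bytes(raw)
    sender = getaddresses(msg.get_all("From"))[0][1]
    if not envelope_matches(envelope_rcpt, sender):
        return False, "posting address does not match sender %s" % sender
    return True, "ok"


if __name__ == "__main__":
    alice_rcpt = posting_address("alice@example.com")
    for label, raw in (("two addresses", TWO_ADDRESSES),
                       ("two From headers", TWO_FROM_HEADERS),
                       ("clean", CLEAN)):
        print(label, accept_post(raw, alice_rcpt))
    # A clean message arriving at someone else's tagged address is still refused
    print("wrong tag", accept_post(CLEAN, posting_address("bob@example.com")))
```

The header check alone only narrows what a spoofed From: can look like; the tagged envelope address is what ties a post to a subscriber, because the sender had to receive that address from the list to use it, and the tag is verified with a constant-time comparison against a server-side secret rather than trusted from any header.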