On Jan 6, 2010, at 6:14 AM, Hans Dieter Pearcey wrote:

> If you are relying on From (or Sender) headers for access control, you have
> already lost.  Almost every part of the email header and SMTP transaction can
> be faked by a malicious user.

OK - my apologies for such foolish questions, but what then does a typical 
discussion list system use to stop such abuse? I'm guessing, perhaps the answer 
is, "nothing much else" - there was a story about even Google Groups having 
this problem: 

        http://ejohn.org/blog/google-groups-is-dead/

As far as, "access control" - this is basically just for a different mailing 
list manager (my thingy, not google groups), so the most malicious thing that 
happens is that a spam gets posted to a discussion list. I can deal with that 
from time to time (and there's a moderation system to help that out, as well). 

What I've done is just have an option to not allow multiple addresses cited in 
the From: headers (and not allowing multiple From: headers as well). It's not 
perfect, but it'll help perhaps: 


#!/usr/bin/perl 
use strict; 
use warnings; 
use Email::Address; 

# A From: value carrying two addresses, the second one spoofed 
# (the local parts were elided by the list archive) 
my $from = q{...@example.com <spoofer.addr...@malicious-site.com>}; 

# Email::Address->parse returns one object per address found, 
# so more than one means the header cites multiple addresses 
if (scalar(Email::Address->parse($from)) > 1) { 
        print "yikes! no support for that!\n"; 
}

On Jan 6, 2010, at 6:14 AM, Hans Dieter Pearcey wrote:

> Excerpts from Justin Skazat's message of Tue Jan 05 17:32:25 -0500 2010:
>>> But that can already easily be done, I can just put
>>> 
>>> From: You <m...@example.com>
>>> 
>>> in my email headers.
>> 
>> OK - what should I do about that? What's the general wisdom to help thwart
>> that? Use the Sender: header? Both? Something more fancy? 
> 
> If you are relying on From (or Sender) headers for access control, you have
> already lost.  Almost every part of the email header and SMTP transaction can
> be faked by a malicious user.
> 
> If you want authentication, you'll need to either write your own layer on top
> of it (e.g. PGP signing, secure per-user recipient addresses) or use a gateway
> in front of your mail processor that does it (e.g. IP-based filtering in your
> MTA, SASL auth).
> 
> hdp.
> 
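An added example, not code from this thread or from the list manager under discussion, showing the two checks mentioned above side by side in Python rather than Perl: the single-From: rule from the snippet, plus the "secure per-user recipient address" idea from hdp's reply, where each subscriber posts to a list address tagged with an HMAC of their own address. The list address, domain and secret are constructed placeholders.

```python
import hmac
import hashlib
from email import message_from_string
from email.utils import getaddresses

# Constructed placeholders: the list's posting address and a per-list secret.
LIST_LOCAL, LIST_DOMAIN = "list", "example.com"
SECRET = b"placeholder-list-secret-use-a-random-value"

def posting_address(subscriber):
    """Secret per-subscriber recipient address: list+<HMAC(secret, subscriber)>@domain."""
    tag = hmac.new(SECRET, subscriber.lower().encode(), hashlib.sha256).hexdigest()[:16]
    return f"{LIST_LOCAL}+{tag}@{LIST_DOMAIN}"

def single_from(msg):
    """The Perl check: exactly one From: header carrying exactly one address."""
    froms = msg.get_all("From", [])
    if len(froms) != 1:
        return None
    addrs = [a.lower() for _, a in getaddresses(froms) if a]
    return addrs[0] if len(addrs) == 1 else None

def authorized_sender(raw):
    """Return the From address only if the message was delivered to that
    subscriber's own secret posting address; None otherwise."""
    msg = message_from_string(raw)
    sender = single_from(msg)
    if sender is None:
        return None
    rcpt_headers = msg.get_all("To", []) + msg.get_all("Cc", []) + msg.get_all("Delivered-To", [])
    rcpts = [a.lower() for _, a in getaddresses(rcpt_headers)]
    expected = posting_address(sender)
    # A forged From: gains nothing unless the forger also knows the victim's tag.
    return sender if any(hmac.compare_digest(expected, r) for r in rcpts) else None

# Constructed sample messages.
ALICE = "alice@example.org"
GOOD = f"From: Alice <{ALICE}>\nTo: {posting_address(ALICE)}\nSubject: hi\n\nhello\n"
FORGED = f"From: Alice <{ALICE}>\nTo: {LIST_LOCAL}@{LIST_DOMAIN}\nSubject: hi\n\nhello\n"
TWO_ADDRS = f"From: Alice <{ALICE}>, Bob <bob@example.org>\nTo: {posting_address(ALICE)}\n\nx\n"

if __name__ == "__main__":
    for name, raw in [("good", GOOD), ("forged", FORGED), ("two addrs", TWO_ADDRS)]:
        print(name, "->", authorized_sender(raw))
```

The tag only protects a subscriber as long as it stays between them and the list; a leaked posting address should be reissued, which is just a new secret or a per-subscriber salt.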
