Gentoo Archives: gentoo-user

From: Daniel Iliev <daniel.iliev@×××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] Mailing list and PGP/MIME
Date: Fri, 30 May 2008 07:04:15
Message-Id: 20080530100408.7cdbb03b@ilievnet.com
In Reply to: Re: [gentoo-user] Mailing list and PGP/MIME by Paul Sebastian Ziegler

On Fri, 30 May 2008 10:39:35 +0900
Paul Sebastian Ziegler <psz@××××××××.de> wrote:

> Glad to hear you didn't mind, Daniel.

Actually, I've enjoyed it! :)
It was very crazy to see my name under something I've never said. The
lack of control just rushed my adrenaline even though I was expecting
something like that. Thanks!

> Yes, you traced me correctly. And as Rob already noticed, that could
> be circumvented by spoofing the header a little more.

True. It wouldn't be so hard to send the message from another place.

> Also you were correct to notice, that the receiving server has the
> last word - however many servers today do -not- perform reverse DNS
> lookups. You can basically put into the EHLO message whatever you
> want and the receiving server will buy it.
>
> So with some effort we could make it look as if the message was
> actually received from fg-out-1718.google.com. At least as long as
> pidgeon.gentoo.org doesn't do reverse DNS lookups, which frankly I
> didn't check. :)
>
> --Paul

Unfortunately many times one cannot control the reverse records,
because the IP address pool belongs to the ISP. Nevertheless the SMTP
server logs the IP address which the message came from. It doesn't
matter if the message would be bounced or accepted because of the
(in)correct reverse resolving. Additionally there's the SPF [1] and I
believe the email system at gentoo.org uses it. If that's so and my
poor abused address :) was at a domain with SPF record imposing "fail"
policy, that message shouldn't be accepted at all. At best you'd get
something like:

"Domain of valid-user@×××××××.com does not designate 192.0.2.25
as permitted sender."

Anyways the right thing to do is to ban the IP address which the
offensive message came from, not the email address. So, signatures
don't come to play here.

[1] http://www.openspf.org/


--
Best regards,
Daniel
--
gentoo-user@l.g.o mailing list
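
An added example, not part of the original message: a minimal sketch of the SPF check discussed above, evaluated against the connecting IP address the receiving server sees, whatever the EHLO name or headers claim. The record, the domain `example.com` and the function names are constructed for illustration; only the `ip4`, `ip6` and `all` mechanisms are handled and no DNS lookups are made.

```python
import ipaddress

# Qualifier prefix -> SPF result (RFC 7208); "+" is the default qualifier.
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(record: str, client_ip: str) -> str:
    """Evaluate an SPF record against the connecting IP, left to right.

    Mechanisms that need DNS (a, mx, include, ...) raise NotImplementedError
    instead of being silently skipped, which would change the result.
    """
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"                      # no usable SPF record published
    ip = ipaddress.ip_address(client_ip)
    for term in terms[1:]:
        qualifier = term[0] if term[0] in QUALIFIERS else "+"
        body = term[1:] if term[0] in QUALIFIERS else term
        name, _, value = body.lower().partition(":")
        if name == "all":                  # matches every sender
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(value, strict=False)
            # ip4 only applies to IPv4 clients, ip6 only to IPv6 clients.
            if net.version == int(name[2]) == ip.version and ip in net:
                return QUALIFIERS[qualifier]
            continue
        raise NotImplementedError(f"term not handled in this sketch: {term}")
    return "neutral"                       # nothing matched and no "all" term


def smtp_decision(sender: str, record: str, client_ip: str) -> str:
    """Reject only on a hard 'fail'; other results are accepted and logged."""
    result = check_spf(record, client_ip)
    if result == "fail":
        return (f"550 Domain of {sender} does not designate "
                f"{client_ip} as permitted sender")
    return f"250 OK (spf={result}, client-ip={client_ip})"


if __name__ == "__main__":
    # Constructed record: the domain only sends from 198.51.100.0/24.
    record = "v=spf1 ip4:198.51.100.0/24 -all"
    for ip in ("198.51.100.7", "192.0.2.25"):
        print(ip, "->", smtp_decision("valid-user@example.com", record, ip))
```

With `~all` instead of `-all` the same forged message yields `softfail` and is accepted, which is why the "fail" policy matters for the rejection described in the message.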
