1 |
On Fri, 30 May 2008 00:11:51 +0100 |
2 |
Robert Bridge <robert@××××××××.com> wrote: |
3 |
|
4 |
> On Fri, 30 May 2008 02:05:42 +0300 |
5 |
> Daniel Iliev <daniel.iliev@×××××.com> wrote: |
6 |
> |
7 |
> > On Thu, 29 May 2008 08:38:27 +0000 (UTC) |
8 |
> > daniel.iliev@×××××.com wrote: |
9 |
> > |
10 |
> > > W. Canis wrote: |
11 |
> > > > OK, I can't bring myself a "proof of concept". |
12 |
> > > |
13 |
> > > Allow me to help you with that part. |
14 |
> > > |
15 |
> > > Personally I still think signatures in public mailing lists are |
16 |
> > > overrated. |
17 |
> > > |
18 |
> > > NOT signed by |
19 |
> > > Some Gentoo user with a security job and 5 minutes of time |
20 |
> > > |
21 |
> > > P.S. Daniel - I really hope this is ok with you. I took your dare |
22 |
> > > literally for this one time. Your personality won't be abused by |
23 |
> > > me again. |
24 |
> > |
25 |
> > |
26 |
> > No problem,..ehh..PSZ, I presume? :) |
27 |
> > |
28 |
> > It was I who gave the idea and the challenge. Don't worry, it's |
29 |
> > really fine by me. |
30 |
> > |
31 |
> > I admit I looks very much as if the message was sent by me and could |
32 |
> > be deceiving at first glance, but: |
33 |
> > |
34 |
> > |
35 |
> > FAKE: |
36 |
> > === |
37 |
> > Received: from observed.de (observed.de [81.169.134.89]) |
38 |
> > by pigeon.gentoo.org (Postfix) with ESMTP id AE151E05BC |
39 |
> > for <gentoo-user@l.g.o>; Thu, 29 May 2008 |
40 |
> > 08:38:27 +0000 (UTC) |
41 |
> > === |
42 |
> > |
43 |
> > |
44 |
> > NOT FAKE: |
45 |
> > === |
46 |
> > Received: from fg-out-1718.google.com (fg-out-1718.google.com |
47 |
> > [72.14.220.153]) |
48 |
> > by pigeon.gentoo.org (Postfix) with ESMTP id 3E5ACE0229 |
49 |
> > for <gentoo-user@l.g.o>; Mon, 26 May 2008 00:30:07 |
50 |
> > +0000 (UTC) |
51 |
> > === |
52 |
> |
53 |
> Except that even that can be faked. |
54 |
> |
55 |
> The header is part of the payload, so can be whatever the user decides |
56 |
> to put in, simply fake some a set of relay lines, and how do you know? |
57 |
> |
58 |
> Rob. |
59 |
|
60 |
Yes, you can insert headers before you send the message, but the SMTP |
61 |
server which receives the message for local delivery always has the |
62 |
final word. In this case pigeon.gentoo.org has added its headers to the |
63 |
"proof of concept" message and we can see that the mail "from me@Gmail" |
64 |
was actually sent from elsewhere. |
65 |
|
66 |
|
67 |
-- |
68 |
Best regards, |
69 |
Daniel |
70 |
-- |
71 |
gentoo-user@l.g.o mailing list |