Re: hoax mails

[Sanjeev Gupta <ghane@xxxxxxxxxxx>]

Mohit,

Good morning.  Welcome to the "Great Email Hole".

Think of the email concept as being very similar to a Postal Mail concept, 
with mail delivery to Post Office Boxes.


At 06:42 AM 8/28/2000 +0530, you wrote:
> I recently came across a software (GhostMail 5.1) which lets you send
> anonymous
> e-mails to anyone assuming any email address. The sender ( a friend of
> mine) had assumed the identity as
> his_name@his_domain .

Sure, and the post office does not object to me calling myself as "Ghane".

> Seeing this , i was amazed that the whole purpose of password protection
> in emails
> is a fake ,  when anyone can send any mail with a reply to address as
> mine.

No.  There is no password or authentication required to call myself 
Ghane.  I can send letters through the postal services, marking the 
sender's address as "Ghane".

> I even came across this text , a technique for sending fake e-mails. You
> simply
> telnet to the smtp port of a mail server use the following commds and
> presto!
> a fake mail with a different return address. I tried this and it does
> work .

Exactly.  Letters I send with the my address as "Ghane" can be dropped off 
into ANY post box in Delhi.  No questions asked.

> Is there a way of defeating this???

Defeat what?  Think it over carefully.  What is the security issue here?

> And i don' wanna use  filters. The person can assume a diffent name and
> can mail from a different mail server each time he mails.
>
> Mohit Sood

If you really are Mohit Sood.  For all I know, you may be Neil with a 
spellchecker ;-)

-- Ghane (yes, Ghane)