[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

Re: hoax mails


Good morning.  Welcome to the "Great Email Hole".

Think of the email concept as being very similar to a Postal Mail concept, with mail delivery to Post Office Boxes.

At 06:42 AM 8/28/2000 +0530, you wrote:
I recently came across a software (GhostMail 5.1) which lets you send
e-mails to anyone assuming any email address. The sender ( a friend of
mine) had assumed the identity as
his_name@his_domain .

Sure, and the post office does not object to me calling myself as "Ghane".

Seeing this , i was amazed that the whole purpose of password protection
in emails
is a fake ,  when anyone can send any mail with a reply to address as

No. There is no password or authentication required to call myself Ghane. I can send letters through the postal services, marking the sender's address as "Ghane".

I even came across this text , a technique for sending fake e-mails. You
telnet to the smtp port of a mail server use the following commds and
a fake mail with a different return address. I tried this and it does
work .

Exactly. Letters I send with the my address as "Ghane" can be dropped off into ANY post box in Delhi. No questions asked.

Is there a way of defeating this???

Defeat what?  Think it over carefully.  What is the security issue here?

And i don' wanna use  filters. The person can assume a diffent name and
can mail from a different mail server each time he mails.

Mohit Sood

If you really are Mohit Sood. For all I know, you may be Neil with a spellchecker ;-)

-- Ghane (yes, Ghane)