*BSD News Article 77389

Return to BSD News archive 

Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!news.rmit.EDU.AU!news.unimelb.EDU.AU!munnari.OZ.AU!spool.mu.edu!howland.erols.net!newsfeed.internetmci.com!hookup!news.nstn.ca!coranto.ucs.mun.ca!news.unb.ca!agate.nbnet.nb.ca!news
From: cavenerl@nbnet.nb.ca (Lance Cavener)
Newsgroups: comp.unix.bsd.bsdi.misc
Subject: Re: Write Secret Love Letters
Date: Mon, 02 Sep 1996 23:52:36 GMT
Organization: Senarius Inc.
Lines: 34
Message-ID: <50igf6$9u4@agate.nbnet.nb.ca>
References: <Dx0p2v.7rn@konark.ncst.ernet.in> <50di6r$jmd@agate.nbnet.nb.ca> <322C6FE0.41C67EA6@empac.com>
Reply-To: cavenerl@nbnet.nb.ca
NNTP-Posting-Host: mctnts01c18.nbnet.nb.ca
X-Newsreader: Forte Free Agent 1.0.82

On stardate Tue, 03 Sep 1996 10:50:24 -0700, Richard Heaton
<rheaton@empac.com> sent holographic email and wrote:


>Actually , you are both wrong. Sendmail (SMTP actually) HELO will accept a fake name in the handshake, but new versions
>of SMTP will try to identify the real identity with identd as well as reverse DNS lookups. It will put the real name
>into the Recived header (which not all mailers display). This is well known and has been around for a while. See p 243
>of "SENDMAIL" , Costales,B., O'Reilly & Associates, 1993 . 

 Yeah, and that slows the hell out of my system. Its just like having
httpd do resolve DNS stuff.. 

 But still, the point is, if you send it, most mailreaders don't show
you all thoes useless headers, and if it does, most people don't look
at it (who cares right?), so most of the time you can accually get
away with that fakemail

>BTW Please try not to post crap like this to the net. If you are trying to do a service to the community by pointing out
>possible security holes, then fine, great ( maybe use the correct forum, though, like com.unix.security) . If you are
>trying to show us all what a great hacker (cracker in this case?) you are then keep it to the groups like alt.hackers
>where stupid human tricks like this might be appreciated.

 As I said in my last post. Fakemailing is pure stupidity, and only
something a lame AOLer would do..


--
,-------------------------------------------------------,
|Lance Cavener                Systems Administrator     |
|cavenerl@nbnet.nb.ca         Senarius Inc.             |
|admin@novacon.com                                      |
|"Microsoft sent 54 programmers to Apple? You lie......"|
`-------------------------------------------------------'