ISP phishing

• Previous message (by thread): ISP phishing
• Next message (by thread): ISP phishing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 29 Jun 2005, Suresh Ramasubramanian wrote:

> On 29/06/05, william(at)elan.net <william at elan.net> wrote:
>>
>> BTW - I happened to know person who has setup email forwarding for his
>> department in major university in st.louis on sparc2 12 years ago.
>> It is still working as far as I know! Last mail software update on it
>> I believe was made 5 or 6 years ago when open relaying was disabled.
>>
>
> We dont do sender rewriting / envelope rewriting for forwarded email,
> just pass it on
>
> We'll prepend Resent: headers though .. that should be enough

And that would like be against what is specified in RFC2822 as in
section 3.6.6 it says:

----------------------------------------------------------------------
Note: Reintroducing a message into the transport system and using
resent fields is a different operation from "forwarding".
"Forwarding" has two meanings: One sense of forwarding is that a mail
reading program can be told by a user to forward a copy of a message
to another person, making the forwarded message the body of the new
message. A forwarded message in this sense does not appear to have
come from the original sender, but is an entirely new message from
the forwarder of the message.  On the other hand, forwarding is also
used to mean when a mail transport program gets a message and
forwards it on to a different destination for final delivery. Resent
header fields are not intended for use with either type of forwarding.
----------------------------------------------------------------------

You really should not be using Resent- unless this is done from MUA
by direct manual action of the user - but use of Resent- by automated
MTA process is not ok.

> But well, we run linux and postfix, and a reasonably recent (non
> bleeding edge) version of both.  We're not running on sendmail 8.8.8
> or whatever your university department friend was running, I assure
> you

The point is that there are many systems setup all over the world and
people don't realize how many of those small intermediate systems are
out there that are not running recent mail software. And because for 
forwarding systems setup many do not need to do more then relay to
pre-defined address from aliases file or database, there is little need
to to keep system updated to latest standards and this creates a very
big problem as far as getting every forwarding system updated fast with
something like SRS.

-- 
William Leibzon
Elan Networks
william at elan.net

• Previous message (by thread): ISP phishing
• Next message (by thread): ISP phishing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]