Bugtraq mailing list archives
Validating email sender
From: hsdc1l () rhein-neckar netsurf de (Brendan McKenna)
Date: Sun, 30 Jun 1996 12:38:43 +0200
Hi,
I hope this question is appropriate to this group, but our customers
have asked me to develop an interface to one of their applications that uses
email messages to perform certain functions. As a part of this, I have to
ensure that the sender of the email is authorized to carry out the action that
is contained in the message. My question is, given the ease with which
someone can forge email by telnet'ing to port 25, for example, what is the best
way to ensure that the id in the From:, Sender:, or Reply-To: is actually the
one that sent the message?
Any help would be greatly appreciated!
Thanks,
Brendan
Current thread:
- Re: [linux-security] BoS: CERT Advisory CA-96.12 - Vulnerability Jon Lewis (Jun 28)
- Re: [linux-security] BoS: CERT Advisory CA-96.12 - Vulnerability Brian Tao (Jun 29)
- Re: [linux-security] BoS: CERT Advisory CA-96.12 - Vulnerability Andrew Liles (Jun 30)
- Re: [linux-security] BoS: CERT Advisory CA-96.12 - Vulnerability Jon Lewis (Jun 30)
- Re: [linux-security] BoS: CERT Advisory CA-96.12 - Vulnerability Casper Dik (Jun 30)
- Re: [linux-security] BoS: CERT Advisory CA-96.12 - Vulnerability Andrew Liles (Jun 30)
- Validating email sender Brendan McKenna (Jun 30)
- Re: Validating email sender Squidge (Jun 30)
- Re: Validating email sender Alan Brown (Jun 30)
- Re: Validating email sender Casper Dik (Jun 30)
- Re: [linux-security] BoS: CERT Advisory CA-96.12 - Vulnerability Brian Tao (Jun 29)
- portmapper dangers der Mouse (Jun 30)
- Re: portmapper dangers Julian Assange (Jun 30)
- Re: portmapper dangers Casper Dik (Jun 30)
- <Possible follow-ups>
- Re: [linux-security] BoS: CERT Advisory CA-96.12 - Vulnerability James Seng (Jun 30)
- Re: [linux-security] BoS: CERT Advisory CA-96.12 - Vulnerability Jon Lewis (Jun 30)
- Re: [linux-security] BoS: CERT Advisory CA-96.12 - Vulnerability Michael Constant (Jun 30)