WebApp Sec mailing list archives
Re: Re: Re: Suggestion: email anti-spoof measure on web site
From: mike () sharecube com
Date: 20 Jan 2006 19:31:49 -0000
True, there is a Send Page, but not if you have hotmail, yahoo, or google mail. Also, in a brief survey I made, 100% of the medium technical people I asked (all work for high tech companies) did not know about and obviously have never used this feature. They liked and have used send friend feature in other web sites. I agree that send freidn service can be exploited as you have pointed out. I disagree that it must be shut down. Good checks should be recommended. Mike ------------------------------------------------------------------------- This List Sponsored by: Watchfire Watchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. See for yourself. Download AppScan 6.0 today. https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh --------------------------------------------------------------------------
Current thread:
- Suggestion: email anti-spoof measure on web site ma . huijuan (Jan 18)
- <Possible follow-ups>
- Re: Suggestion: email anti-spoof measure on web site mike (Jan 19)
- Re: Suggestion: email anti-spoof measure on web site Georgi Alexandrov (Jan 23)
- Re: Re: Suggestion: email anti-spoof measure on web site ma . huijuan (Jan 19)
- Re: Re: Re: Suggestion: email anti-spoof measure on web site mike (Jan 20)