RE: [courier-users] courier and smtp-auth - Roger B.A. Klorese - net.sourceforge.lists.courier-users

15 messages in net.sourceforge.lists.courier-usersRE: [courier-users] courier and smtp-...

From	Sent On	Attachments
Dario Alonso	Oct 8, 2003 8:37 am
Anand Buddhdev	Oct 8, 2003 8:58 am
Gordon Messmer	Oct 8, 2003 12:09 pm
Dario Alonso	Oct 8, 2003 2:02 pm
Dario Alonso	Oct 8, 2003 2:04 pm
Bowie Bailey	Oct 8, 2003 2:49 pm
Jeff Jansen	Oct 8, 2003 2:50 pm
Dario Alonso	Oct 8, 2003 2:58 pm
Roger B.A. Klorese	Oct 8, 2003 3:07 pm
Gordon Messmer	Oct 8, 2003 3:14 pm
Sam Varshavchik	Oct 8, 2003 3:53 pm
martin	Oct 9, 2003 6:20 am
Dario Alonso	Oct 9, 2003 1:38 pm
Dario Alonso	Oct 9, 2003 1:41 pm
martin	Oct 10, 2003 5:30 am

	Permalink for this message Paste this link in email or IM:
	Permalink for this thread Paste this link in email or IM:
	Atom feed for this thread Paste this URL into your reader:

Subject:	RE: [courier-users] courier and smtp-auth	Actions...
From:	Roger B.A. Klorese (rog...@queernet.org)
Date:	Oct 8, 2003 3:07:42 pm
List:	net.sourceforge.lists.courier-users

Yes, anyone should be able to send mail to users in my domain, that's right... but the problem is with the "jokers". i.e. one valid user, user1, want's to send a fake mail to user2. He could create one fake account (user3) from my domain in his MUA (evolution, kmail, etc...), and not use authentication for smtp. He could send without problems a mail from user3@mydomain to user2@mydomain That is what it seems to me. Can be avoided that?

And he can still do that. Authentication doesn't set his From: header.

All you've gained is a logged authentication to check it against.

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets
	Permalink to these results Paste this link in email or IM:
	Atom feed for tracking future search results Paste this URL into your reader: