ietf-mxcomp

Re: TECH-OMISSION: Security vulnerability - Malicious DSN attacks

2004-08-31 11:28:46

Daryl Odnert wrote:

To put it in simple terms, you cannot launch this type of attack
against V using P unless one of the following is true:

(1) P is an open relay.

(2) The attack messages are sent to P from an IP address that
normally sends mail for domain V.

(3) IP address spoofing is used to make it look like the attack
message is coming from an IP address that normally sends mail for
domain V.

(4) The attack messages are sent to P from an IP address that P considers to be part of its own management domain, and it puts no restrictions on either the MailFrom or the From header field from such IP addresses.

I believe (4) applies to the overwhelming majority of ISPs' submission hosts, including all three ISPs that I use regularly, and every hotel, airport, and public WiFi I've used in the past year.

<csg>

