On Thu, Sep 02, 2004 at 03:06:49PM -0700, Rand Wacker wrote:
For this reason, it may end up being the case that Sender ID can not
reliably prevent spoofing for messages that take complex paths; but there
is some solace in that these complex paths are usually managed by the
*receiver*.
But what prevents a malicious individual to either set up such complex
path himself or pretend that the message is travelling through such a
complex path? As I understand it, the 2822 headers are easy to make up
yourself (in fact, the senderid documents endorse doing this), which
makes it easy to fool the senderid check.
Koen
--
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/