procmail
[Top] [All Lists]

Re: detecting faked "From"

2001-07-19 20:07:42
On Thu, Jul 19, 2001 at 04:16:12PM -0700, Dave Robbins wrote:
For security reasons, I want to limit an auto-responder 
to queries from local users only (i.e. users local to my subnet).

If the incoming mail is from geol.ucsb.edu,
I want the auto-responder to respond
otherwise ignore the request.

I think you're thinking about the problem too much.
If the "From:" address is @geol.ucsb.edu, it doesn't much matter if it's
forged or not. The response is still going to go to an address within the
subdomain. There is no way to spoof an address in such a way that the
auto-responder will send it's responce to other than where it thinks it's
respnding. Your only problem therefor, is if the autoresponder carries out
some action other than simply sending an email responce, or if somoene has
hacked one of the machines within your subdomain to forward mail outside. The
latter is completely outside the control of the autoresponder, and you have
bigger problems anyway.

-- 
Every man should know how to make at least one drink from a foreign country,
preferably one taught to him by a local female with whom he has had a
complicated, unresolved, and quite possibly dangerous dalliance.
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail

<Prev in Thread] Current Thread [Next in Thread>