procmail
[Top] [All Lists]

Re: detecting faked "From"

2001-07-19 20:48:52
At 19:59 2001-07-19 -0700, Andrew Edelstein wrote:

I think you're thinking about the problem too much.
If the "From:" address is @geol.ucsb.edu, it doesn't much matter if it's
forged or not. The response is still going to go to an address within the
subdomain. There is no way to spoof an address in such a way that the
auto-responder will send it's responce to other than where it thinks it's
respnding.

See RFC 2821 (which superceeded 821), section 3.6.2.

Basically, From: isn't inherently the address to which a reply will be sent - Reply-To: would override it. If you check the From field, then send a reply using the proper mechanism (formail -rtzxTo:), then you may very well reply to an address which differs from the From.

A little demonstration: just hit REPLY to *THIS* message, and see what address comes up, despite the From: header. This is my standard configuration for posts to this list.

However, I agree with the basic premise that the reply address should be checked for the desired domain, unless some other argument is put forth as to why this isn't suitable.

---
 Sean B. Straw / Professional Software Engineering

 Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
 Please DO NOT carbon me on list replies.  I'll get my copy from the list.

_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail

<Prev in Thread] Current Thread [Next in Thread>