I would like to apologize for responding to the analogy, I perceived it as
sincere at first. (I
should have read the entire thread and then do responses)
I will go punish myself accordingly now. :)
Terry Fielder
Manager Software Development and Deployment
Great Gulf Homes / Ashton Woods Homes
terry(_at_)greatgulfhomes(_dot_)com
Fax: (416) 441-9085
-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of
terry(_at_)ashtonwoodshomes(_dot_)com
Sent: Tuesday, November 23, 2004 8:11 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: RE: [spf-discuss] Re: Can the SPF technique be used
to stop IP
addres
OK, enough beating him up, he is trying (albeit misguided).
His solution is valid iff the source and target are on the
same subnet, which is quite feasible
(picture server co-location, many servers in a server room
all sharing the same subnet).
But David, even then the solution is not workable, there is
nothing that stops the "source" from
generating packets where the source MAC is the spoofed
machine. And yes the spoofer can see the
responses (that are aimed to the spoofed machine) you just
need to turn the source machine (spammer)
NIC into permiscuos mode and sniff the packets.
Terry Fielder
Manager Software Development and Deployment
Great Gulf Homes / Ashton Woods Homes
terry(_at_)greatgulfhomes(_dot_)com
Fax: (416) 441-9085
-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of
James Couzens
Sent: Tuesday, November 23, 2004 6:01 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: [spf-discuss] Re: Can the SPF technique be used to stop IP
addres
On Tue, 2004-11-23 at 11:52 +0100, Stephane Bortzmeyer wrote:
That's just like forwarding -- it's _forgery_ when _your_ router
sends packets with _my_ IP address.
Sorry, David but, since it is not April 1st, I conclude
that you know
almost nothing to IP. You should talk only about SPF and
SMTP, where
your posts (specially about the forwarding problem) are much more
interesting.
It's _my_ IP address, and it's my right to demand that you stop
forging it. Your router needs to use NAT.
Damn! My coffee is now spilled over my keyboard!
I don't think he knows anything about ice skating or the
linux kernel
EITHER.
Cheers,
James
--
James Couzens,
Programmer
((__)) __\|/__ __|-|__ '. ___ .'
(00) (o o) (0~0) ' (> <) '
---nn-(o__o)-nn---ooO--(_)--Ooo--ooO--(_)--Ooo---ooO--(_)--Ooo---
http://libspf.org -- ANSI C Sender Policy Framework library
http://libsrs.org -- ANSI C Sender Rewriting Scheme library
-----------------------------------------------------------------
PGP: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x7A7C7DCF
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in
Atlanta features SPF and Sender ID.
To unsubscribe, change your address, or temporarily
deactivate your subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in
Atlanta features SPF and Sender ID.
To unsubscribe, change your address, or temporarily
deactivate your subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com