-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dotzero wrote:
On 1/6/08, Edmig <emgemgemg(_at_)gmail(_dot_)com> wrote:
Which of these addresses is connecting to your mailhost?
There is only one source address in a TCP connection, and it can't be
forged.
What matters is that a domain owner is willing to assume
responsibility for that address.
I love it when someone makes a delcarative statement that is incorrect.
As I read what you wrote I immediately thought of a case even before
reading your next sentence.
When an IP address is on the same subnet (collision domain) as another,
it is certainly possible to forge the source IP address. Now most
people would think of that in an RFC1918 context. But what about small
companies/organizations that are assigned external IPs by their
upstream. Food for thought.
Then they cannot talk SMTP to the outside Internet directly because TCP
return packets will be routed to where those IP addresses are
_officially_ allocated. Thus this is of no concern to MTAs receiving
inbound SMTP connections.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHgjcywL7PKlBZWjsRAqPXAKDjgeH9hAy0tJulFWl6rHI6hZZujwCglPF6
h/uOE5Rmqz/ygo10Uk4V+Fw=
=NDva
-----END PGP SIGNATURE-----
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription:
http://v2.listbox.com/member/?member_id=2183229&id_secret=82582024-5ee0fb
Powered by Listbox: http://www.listbox.com