[PLUG] Saving bandwidth...
Jeff Schwaber
freyley at gmx.net
Fri Sep 5 01:52:01 UTC 2003
On Fri, 2003-09-05 at 01:10, Paul Johnson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Thu, Sep 04, 2003 at 09:36:40PM -0700, Jeff Schwaber wrote:
> > > On Wed, Sep 03, 2003 at 04:56:52PM -0700, Jeff Schwaber wrote:
> > > > 1) how do you define a forged header? I have email accounts that do not
> > > > have SMTP servers,
> > >
> > > Then how are you sending or getting replies to them?
> >
> > My ISP, and various of my accounts that do have SMTP servers, all use
> > authenticated SMTP.
>
> Then you *do* have SMTP servers for all those accounts, you're just
> using your ISP's to send instead.
No, I do not.
Examine this example: accounts a and b.
Account A has POP or IMAP access only -- on their servers, there is no
SMTP server that I am allowed to use.
Account B has a POP or IMAP server, but also an authenticated SMTP
server.
To send email from account A, I log in to the SMTP server for Account B,
authenticate, and then send an email whose From: header says Account A,
thereby forging the signature, technically.
Jeff
More information about the PLUG
mailing list