Hello Exim People,

Our mail machine was heavily attacked over the weeks that we hosted
the email voting facility for "La Consulta", a vote taken in Mexico by
Zapatista revolutionaries in support of the indigenous in Chiapas and
against the corrupt government. (see
http://www.deliberate.com/consulta/results for an analysis of the
attack)

During the attacks I went running to my local linux users' group email
list for help and advice. The big advice was to use Exim. So here I
am.

Our attackers' favorite trick was to forge email addresses. I was
able to take all the false ballots out of the data by comparing IP
addresses in the headers with the email address domains. This worked
100% -- this time. But I understand that IP addresses can be forged
too.

I'm wondering what to do to prepare for the next time. I'm a
programmer and can break into Exim's code if that helps. I can bite
the bullet and demand that our voters do a confirm -- but I see that
as a surrender to the attackers and really don't want to unless
there's no other way.

Does anyone have any ideas? Can you tell me about an
email-security-minded email list if this isn't the proper forum?

Thank you for your thoughts.

Marilyn

Marilyn Davis, Ph.D.
eVote - online polling software for email lists
marilyn@???
(650) 965-7121
http://www.deliberate.com

--
*** Exim information can be found at
http://www.exim.org/ ***
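
The header comparison described in the message above, as an added example (not part of the original post and not Exim code). It assumes the receiving server writes the connecting host's reverse-DNS name and IP into its own Received header in the constructed layout shown, and compares domains naively by their last two labels; check_ballot and base_domain are hypothetical names.

```python
import email
import email.utils
import ipaddress
import re

# Assumed layout of the header our own MTA writes (constructed for this example):
#   Received: from <helo> (<reverse-dns-name> [<ip>]) by <our-host> ...
RECEIVED_RE = re.compile(
    r"from\s+\S+\s+\((?P<rdns>[^\s\[\]]+)?\s*\[(?P<ip>[^\]]+)\]\)")

def base_domain(name):
    # Naive: last two labels. Real data needs public-suffix handling.
    return ".".join(name.lower().rstrip(".").split(".")[-2:])

def check_ballot(raw):
    """Classify one raw message; returns (verdict, connecting_ip_or_None)."""
    msg = email.message_from_string(raw)
    sender = email.utils.parseaddr(msg.get("From", ""))[1]
    received = msg.get_all("Received") or []
    if "@" not in sender or not received:
        return ("unparsable", None)
    # Headers are prepended in transit, so index 0 is the one added by the
    # receiving server; anything below it was supplied by the sending side.
    m = RECEIVED_RE.search(received[0])
    if not m:
        return ("unparsable", None)
    try:
        ip = str(ipaddress.ip_address(m.group("ip")))
    except ValueError:
        return ("unparsable", None)
    if not m.group("rdns"):
        return ("no-rdns", ip)
    same = base_domain(m.group("rdns")) == base_domain(sender.rsplit("@", 1)[1])
    return ("match" if same else "mismatch", ip)

# Constructed sample ballots (documentation addresses, not real traffic).
GOOD = ("Received: from mail.example.org (mail.example.org [192.0.2.10])\n"
        "\tby vote.example.com; Mon, 1 Jan 2001 00:00:00 +0000\n"
        "From: Voter <voter@example.org>\n\nballot\n")
FORGED = ("Received: from example.org (dialup-7.example.net [198.51.100.7])\n"
          "\tby vote.example.com; Mon, 1 Jan 2001 00:00:01 +0000\n"
          "Received: from mail.example.org (mail.example.org [192.0.2.10])\n"
          "\tby relay.example.org; Mon, 1 Jan 2001 00:00:00 +0000\n"
          "From: Voter <voter2@example.org>\n\nballot\n")
NO_RDNS = ("Received: from pc ([203.0.113.5])\n"
           "\tby vote.example.com; Mon, 1 Jan 2001 00:00:02 +0000\n"
           "From: Voter <voter3@example.org>\n\nballot\n")

if __name__ == "__main__":
    for name, raw in (("good", GOOD), ("forged", FORGED), ("no-rdns", NO_RDNS)):
        print(name, check_ballot(raw))
```

A "mismatch" or "no-rdns" verdict is a flag for review rather than proof of forgery, since a legitimate voter may send through another provider's relay.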