On Thu, 6 May 1999, Marilyn Davis wrote:
> I need to understand IP spoofing. I understand that it is the general
> consensus that it can be done, but how. Don't you have to reveal your
> real IP address to get a message out?
Exim by default blocks incoming calls with "source routed" IP return
addresses. Check out the kill_ip_options and refuse_ip_options settings,
and have a look at the code in smtp_in.c to see how this is implemented.
It's all very hairy. I don't understand it very well and this code got
copied from elsewhere. It is also hard to test!
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
--
*** Exim information can be found at
http://www.exim.org/ ***
