[Exim] Re: SMTP Auth doesn't prevent users from sending as o…

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Suresh Ramasubramanian
Datum:  
To: exim-users
Betreff: [Exim] Re: SMTP Auth doesn't prevent users from sending as other users
On 2004-03-23, Bruce Richardson <itsbruce@???> wrote:
> You're coming at this from the wrong direction. They don't need to know
> anybody else's password, just their e-mail address. Then they can
> authenticate as themselves but send e-mail as someone else.


That's cured by -

* Encouraging the use of strong cryptography (pgp / gnupg) among your users

* Finding the forger (typically quite easy if you look at headers and logs) and
throwing him out on his ass.

          srs


--
linux@??? (Suresh Ramasubramanian)
jaharkes@ravel:/usr/src$ mv linux Gnu/Linux
mv: cannot move `linux' to `Gnu/Linux': No such file or directory
    jaharkes @ cs.cmu.edu in reply to RMS on linux.kernel