host Dec 14 14:36:40 2007
Received: from false.host (real.host [real.IP.address]) by your.host (8.14.1/8.14.1)
id AA00998; Thu, 14 Dec 2007 14:36:38 -0700
Message-Id: <200712141257.l0NFSKNK016837@yourhost>
From: root@false.host (System Administration)
To: you@your.host
Subject: Change your password now!
Date: Thu, 14 Dec 2007 05:47:46 -0800
To improve security at our location you are requested to immediately
change your password. The password you have been assigned is:
7Fuzzy1's
Thank you,
--root
Fortunately, this Received: header contains the name of the real host (which is not
always the case). An attentive user can tell that this is a forged message because the
host in that header line differs from the false hostname used in the other header lines.
However, most mail-reading programs allow users to filter out (prevent your seeing)
uninteresting header lines.?? Typically, users choose to ignore headers such as
Received: and Message-ID:. For suchusers, the task of detecting forged mail is much
more difficult. Instead of seeing the earlier message with real hostnames, they might
see the following with only false names:
From root@false.host Dec 14 14:36:40 2007
From: root@false.host (System Administration)
To: you@your.host
Subject: Change your password now!
Date: Thu, 14 Dec 2007 14:36:38 -0800
* V8 sendmail also tries to verify the connection itself with identd, if possible.
Pages:
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334