Olympus-OM
[Top] [All Lists]

RE: [OM] ID cloning

Subject: RE: [OM] ID cloning
From: "Olaf Greve" <o.greve@xxxxxxx>
Date: Mon, 24 Sep 2001 10:30:39 +0200
Cc: <cnocbui@xxxxxxxxx>
Hi Giles and others,

> The List software (Majordomo) is set up to accept only email addresses
from
> people who are on the list or digest, effectively blocking spam and email
> viruses. It does not look at the ISP from which it is sent. All it takes
to
> steal someones identity is to temporary change your account properties /
> email address into the one that's used by any list member you want to
bring
> into discredit.

Our "friend" Oben obviously knows how to forger e-mails up to a certain
extent, but does he really not know that some information in the headers
cannot be forged?

Well, a small explanation, each message carries a very interesting entry
called "Received by". What's the good thing about this? Indeed, it carries
the REAL originating IP address.

I hereby volunteer to take a look at the source code of the list software to
see if it's possible to bind a subscribed e-mail address to an originating
domain (doing a one-on-one match to a unique IP address will probably not
work as the paths being used may not always be unique). Then, whenever a
message is received the header can be checked to see if the message comes
from the validated originating domain, and if it doesn't, the message should
be brought to your attention.

Oben probably thinks of himself as a super-hi-tech-hot-shot, but instead of
doing e-mail forgery the proper way, he failed miserably at it, so with a
small change in the list software, his meagre hacker's attempts can easily
be blocked. Strange that Oben wasn't more original and more meticulous in
his e-mail forgery, he was once a member of the FreeBSD list until he got
kicked off of that one too. This leads me to think that he should be
knowledgeable enough to at least properly forger headers.

Oben: You're undoubtedly reading this, so here's a note for you: Keep at it,
we'll find ways to block you. "Have a nice day!"

Cheers!
Olafo


< This message was delivered via the Olympus Mailing List >
< For questions, mailto:owner-olympus@xxxxxxxxxxxxxxx >
< Web Page: http://Zuiko.sls.bc.ca/swright/olympuslist.html >


<Prev in Thread] Current Thread [Next in Thread>
Sponsored by Tako
Impressum | Datenschutz