forgeries(7)      Device and Network Interfaces      forgeries(7)



NAME
     forgeries - how easy it is to forge mail

SUMMARY
     An electronic mail message can  easily  be  forged.   Almost
     everything  in  it,  including  the  return address, is com-
     pletely under the control of the sender.

     An electronic mail message can be  manually  traced  to  its
     origin  if  (1)  all  system  administrators of intermediate
     machines are both cooperative and competent, (2) the  sender
     did  not break low-level TCP/IP security, and (3) all inter-
     mediate machines are secure.

     Users of cryptography can automatically ensure the integrity
     and  secrecy  of their mail messages, as long as the sending
     and receiving machines are secure.

FORGERIES
     Like postal mail, electronic mail can be created entirely at
     the  whim  of  the  sender.   From, Sender, Return-Path, and
     Message-ID can all contain whatever information  the  sender
     wants.

     For example, if you inject a  message  through  sendmail  or
     qmail-inject  or  SMTP, you can simply type in a From field.
     In fact, qmail-inject lets you set  up  MAILUSER,  MAILHOST,
     and  MAILNAME  environment variables to produce your desired
     From field on every message.

TRACING FORGERIES
     Like postal mail, electronic mail is postmarked when  it  is
     sent.  Each machine that receives an electronic mail message
     adds a Received line to the top.

     A modern Received line contains quite a bit of  information.
     In  conjunction with the machine's logs, it lets a competent
     system administrator determine where  the  machine  received
     the  message  from, as long as the sender did not break low-
     level TCP/IP security or security on that machine.

     Large multi-user machines often come with inadequate logging
     software.   Fortunately,  a  system administrator can easily
     obtain a  copy  of  a  931/1413/Ident/TAP  server,  such  as
     pidentd.  Unfortunately, many incompetent system administra-
     tors fail to do this, and are  thus  unable  to  figure  out
     which local user was responsible for generating a message.

     If all intermediate system administrators are competent, and
     the  sender  did  not  break  machine  security or low-level
     TCP/IP security, it is possible to  trace  a  message  back-
     wards.    Unfortunately,   some   traces   are   stymied  by
     intermediate system administrators who are uncooperative  or
     untrustworthy.



SunOS 5.5                 Last change:                          1
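
The backwards trace described above, as an added example that is not part of this man page: a small Python script walks a constructed message's Received stamps newest-first and stops at the first stamp written by a machine outside a `trusted` set, which models the machines whose administrators are cooperative and competent. All host names, addresses and the message itself are constructed for the example.

```python
import email
import re

# Constructed sample: the From line claims one identity while the Received
# stamps record the path the message actually took to reach mx.example.com.
SAMPLE = b"""Received: from mail.example.org (mail.example.org [192.0.2.10])
    by mx.example.com with ESMTP id abc123
    for <alice@example.com>; Mon, 3 Jun 1996 12:00:04 -0000
Received: from dialup17 (dialup-17.example.net [198.51.100.17])
    by mail.example.org with SMTP id xyz789; Mon, 3 Jun 1996 11:59:58 -0000
From: president@whitehouse.example
To: alice@example.com
Subject: constructed sample

hello
"""
# One stamp: "from <helo> (<rdns> [<ip>]) ... by <host> ...; <date>"
RECEIVED_RE = re.compile(
    r"from\s+(?P<helo>\S+)(?:\s+\((?P<rdns>[^\s\[\]()]*)\s*\[(?P<ip>[^\]]+)\]\))?"
    r".*?\bby\s+(?P<by>\S+)(?:.*?;\s*(?P<date>.*))?$")

def parse_received(value):
    """Parse one Received header value (folded lines are joined); None if odd."""
    m = RECEIVED_RE.search(" ".join(value.split()))
    return m.groupdict() if m else None

def trace(raw, trusted):
    """Walk stamps newest-first; stop at the first one written by a host outside
    `trusted` (the sender may have typed it). Returns (hops, last trusted stamp)."""
    msg = email.message_from_bytes(raw)
    hops = [parse_received(v) for v in msg.get_all("Received", [])]
    origin = None
    for hop in hops:
        if hop is None or hop["by"] not in trusted:
            break
        origin = hop
    return hops, origin

def first_broken_link(hops):
    """Index of the first stamp whose 'by' host is not what the stamp above says
    it received from, a sign that a Received line was fabricated; else None."""
    for i in range(len(hops) - 1):
        if hops[i + 1]["by"] not in (hops[i]["helo"], hops[i]["rdns"]):
            return i + 1
    return None

if __name__ == "__main__":
    hops, origin = trace(SAMPLE, {"mx.example.com", "mail.example.org"})
    print("traceable origin:", origin["rdns"], origin["ip"], "at", origin["date"])
```

Shrinking `trusted` to just the local machine shows how far the trace gets when no intermediate administrator cooperates: only the hop recorded by mx.example.com itself.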

CRYPTOGRAPHY
     The sender of a mail message may place his  message  into  a
     cryptographic  envelope stamped with his seal.  Strong cryp-
     tography guarantees that any two messages with the same seal
     were  sent by the same cryptographic entity:  perhaps a sin-
     gle person, perhaps a group of cooperating  people,  but  in
     any case somebody who knows a secret originally held only by
     the creator of the seal.  The seal is called a public key.

     Unfortunately, the creator of the seal is often an  insecure
     machine, or an untrustworthy central agency, but most of the
     time seals are kept secure.

     One popular cryptographic program is pgp.

SEE ALSO
     pgp(1), identd(8), qmail-header(8)