From Address Forged
Daniel Karrenberg Daniel.Karrenberg at ripe.net
Tue Nov 3 21:30:14 CET 1998
To be perfectly clear: 'forging' mail headers to get around mail-from authentication is not accepted behaviour. To quote from ripe-120: "Each RIPE database object has an optional attribute called mnt-by (maintained by). The value of the mnt-by attribute is a reference to a mntner object in the database which describes those authorised to make changes to the object." So forging the mail header must be seen as a deliberate attempt to modify data one is not authorised to modify and defeating a protection scheme (however weak) to do so. This is a crime in most places nowadays. If it is true and we can identify the person who did this beyond doubt, they will owe all "victims" more than an apology. This is the first I hear of mail-from protected objects being modified too. I have been on travel for more than a week now and was not at the NCC when this happened. So my knowledge about the facts is sketchier than I'd like. If this is true I would assume malicious intent on the part of the the person concerned. I have asked the database staff to look into this a bit further. More tomorrow (European time) Daniel > Wilhelm Buehler <hostmaster at xlink.net> writes: > > But you should not use the auth: MAIL-FROM !!! > > We were happy with the MAIL-FROM for years now ... but our "friend" > from rain.fr knows to fake message-id and from-line. > > | > From: Trevor McBryan <hostmaster at xlink.net> > | > Cc: hostmaster at xlink.net > | > Subject: longack > | > Date: Wed, 28 Oct 1998 12:34:27 +0000 > | > Msg-Id: <36370F53.30E4F99F at xlink.net> > | > | [...] > | > | Delete OK: [person] MW1699-RIPE (Martin Weber)
[ lir-wg Archives ]