Device and Network Interfaces forgeries(7)
NAME
forgeries - how easy it is to forge mail
SUMMARY
An electronic mail message can easily be forged. Almost
everything in it, including the return address, is
completely under the control of the sender.
An electronic mail message can be manually traced to its
origin if (1) all system administrators of intermediate
machines are both cooperative and competent, (2) the sender
did not break low-level TCP/IP security, and (3) all
intermediate machines are secure.
Users of cryptography can automatically ensure the integrity
and secrecy of their mail messages, as long as the sending
and receiving machines are secure.
FORGERIES
Like postal mail, electronic mail can be created entirely at
the whim of the sender. From, Sender, Return-Path, and
Message-ID can all contain whatever information the sender
wants.
For example, if you inject a message through sendmail or
qmail-inject or SMTP, you can simply type in a From field.
In fact, qmail-inject lets you set up MAILUSER, MAILHOST,
and MAILNAME environment variables to produce your desired
From field on every message.
TRACING FORGERIES
Like postal mail, electronic mail is postmarked when it is
sent. Each machine that receives an electronic mail message
adds a Received line to the top.
A modern Received line contains quite a bit of information.
In conjunction with the machine's logs, it lets a competent
system administrator determine where the machine received
the message from, as long as the sender did not break
low-level TCP/IP security or security on that machine.
Large multi-user machines often come with inadequate logging
software. Fortunately, a system administrator can easily
obtain a copy of a 931/1413/Ident/TAP server, such as
pidentd. Unfortunately, some system administrators fail to
do this, and are thus unable to figure out which local user
was responsible for generating a message.
If all intermediate system administrators are competent, and
the sender did not break machine security or low-level
TCP/IP security, it is possible to trace a message
backwards. Unfortunately, some traces are stymied by
intermediate system administrators who are uncooperative or
untrustworthy.
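
The backward trace described above, as an added example that is not part of the original manual page or of qmail. The message, host names, addresses and the trace() helper are constructed for illustration, and the Received layout it parses is an assumed common one.

```python
import re
from email import message_from_string

# Constructed sample message (documentation addresses, not real traffic).
# Only the top two Received lines were written by machines we trust.
SAMPLE = """\
Received: from mx.example.net (mx.example.net [192.0.2.10])
\tby inbox.example.org with SMTP; 1 Jan 2024 12:00:05 -0000
Received: from relay.example.com (unknown [198.51.100.7])
\tby mx.example.net with SMTP; 1 Jan 2024 12:00:03 -0000
Received: from trusted.bank.example (localhost [127.0.0.1])
\tby relay.example.com with SMTP; 1 Jan 2024 11:59:00 -0000
From: ceo@bank.example
Return-Path: <ceo@bank.example>
Message-ID: <1@bank.example>
Subject: constructed

body
"""

# Assumed layout: "from <claimed> (<rdns> [<ip>]) by <host> ...".
# Real Received formats differ between mail programs.
RECEIVED_RE = re.compile(
    r"from\s+(?P<claimed>\S+)\s+\((?P<rdns>\S+)\s+\[(?P<ip>[^\]]+)\]\)\s+"
    r"by\s+(?P<by>\S+)")

def trace(raw, trusted):
    # Received lines are added at the top, so the first one is the newest.
    # A line is believable only while the machine that wrote it ("by") is
    # in `trusted`; from the first untrusted or unparsable line downward,
    # everything could have been typed in by the sender.
    msg = message_from_string(raw)
    hops, last_verified, ok = [], None, True
    for value in msg.get_all("Received", []):
        m = RECEIVED_RE.search(value)
        hop = m.groupdict() if m else {"by": None}
        ok = ok and hop["by"] in trusted
        hop["verified"] = ok
        if ok:
            last_verified = hop  # furthest point reached so far
        hops.append(hop)
    return hops, last_verified

if __name__ == "__main__":
    hops, last = trace(SAMPLE, {"inbox.example.org", "mx.example.net"})
    for h in hops:
        print(h)
    print("trace continues with the administrator of", last["ip"])
```

The trace stops at the address recorded by the last trusted machine; going further back needs that machine's administrator and logs, and the From, Return-Path and Message-ID fields play no part in it.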
CRYPTOGRAPHY
The sender of a mail message may place his message into a
cryptographic envelope stamped with his seal. Strong
cryptography guarantees that any two messages with the same seal
were sent by the same cryptographic entity: perhaps a
single person, perhaps a group of cooperating people, but in
any case somebody who knows a secret originally held only by
the creator of the seal. The seal is called a public key.
Unfortunately, the creator of the seal is often an insecure
machine, or an untrustworthy central agency, but most of the
time seals are kept secure.
One popular cryptographic program is pgp.
SEE ALSO
pgp(1), identd(8), qmail-header(8)
SunOS 5.11 Last change: 2