Security Basics mailing list archives
RE: Email Forward/Auto Response
From: "David Gillett" <gillettdavid () fhda edu>
Date: Fri, 25 Jan 2008 14:39:12 -0800
About the only way that company-x could force email bound for company-y to come to one of its servers is by publishing a fraudulent MX record -- and I think that in turn should probably require them to claim to be authoritative for company-y's domain. Ideally, company-x should find it harder and harder to locate an ISP that will continue to do business with them after a stunt like that. David Gillett
-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of _ _ Sent: Friday, January 25, 2008 12:27 PM To: security-basics () securityfocus com Subject: Email Forward/Auto Response What is required to occur if company X (company-x.com) wants to activate an email auto-response for email sent to Joe Blow at joeblow () company-y com and insure that email sent to this address is not read, forwarded, stored or archived? Also, would there be any security or compliance risks associated with doing this (if it is even technically possible)?
Current thread:
- Email Forward/Auto Response _ _ (Jan 25)
- RE: Email Forward/Auto Response David Gillett (Jan 25)
- Re: Email Forward/Auto Response Chris Barber (Jan 28)