Full Disclosure mailing list archives
Improving E-mail security...
From: "Bengt Ruusunen" <bengtij () hotmail com>
Date: Wed, 27 Aug 2003 02:14:43 +0300
Hello,As everybody knows that recent viruses spread via sending spoofed 'sender address'.
fex.I am a person 'someone () someone com' and got so called 'return mail' from 'someone () receiving organisation com' telling that mail sent by me (which I never sent in a first place) cannot be delivered. Obviously containg somekind malware as an attachment.
This kind of 'spread method' could easily stopped if the mail servers include some kind of fingerprint to the passing E-mail.
If the return mail (mail receiver server checks this against an private key or something) does not contain an fingerprint then the returned mail should not be delivered 'back to the sender'.
Rather clever way to counterfeit the sender address, it might double the infection if the bounce to the 'sender' leads to infection.
Now, what this kind of 'hardening' might need is...- E-mail receiving server could check that 'very first original' From: line and if it is same than the receiver address ie. 'someone () someone com'
Perform an check to see if the 'sender identification' ie. salted public key, GUID or something (X-Authenticated-Guid: #0a845d299ca340087140) exists in mail header.
Delivery should be done only if an 'sender identification' exist and the key matches.
Otherwise mail should be trashed to dev/null :) Waiting for comments and succestions... _________________________________________________________________MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. http://join.msn.com/?page=features/virus
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Improving E-mail security... Bengt Ruusunen (Aug 26)
- Re: [LONG] Improving E-mail security... lceone () comcast net (Aug 26)
- Re: [LONG] Improving E-mail security... Ron DuFresne (Aug 27)
- Re: [LONG] Improving E-mail security... Valdis . Kletnieks (Aug 27)
- <Possible follow-ups>
- RE: Improving E-mail security... Leif Sawyer (Aug 26)
- RE: Improving E-mail security... Eric Wagner (Aug 27)
- Re: Improving E-mail security... I.R.van Dongen (Aug 27)
- Re: [LONG] Improving E-mail security... lceone () comcast net (Aug 26)