Re: tmda: Challenge-response is fundamentally broken
Mark Brown <broonie@sirena.org.uk> writes:
> The part where SMTP is completely unauthenticated means that this
> doesn't help - the SMTP envelope sender can be forged just as easily as
> the From: inside the message.
You're right, I forgot to say that the idea only applies to
non-relayed mail where the other end is the originator. Forging the
TCP connection is more difficult than simple header forgery.
--
* A man's only as old as the woman he feels. (Groucho Marx) *
* PGP public key available @ http://www.iki.fi/killer *
Reply to: