[Mailman-Users] List Security

J C Lawrence claw at kanga.nu
Wed Oct 23 19:32:56 CEST 2002


On Wed, 23 Oct 2002 19:00:06 +0200 
Dan Richter <daniel.richter at wimba.com> wrote:

> Pardon me for being a pain here, but isn't it ridiculously easy to
> forge a From:, and also rather easy to forge an envelope?

From: is trivial under many MTAs.  Envelope requires understanding SMTP
and driving that manually.  However, this is largely moot: if you need
strong(er) authentication in email systems, period, and this is not just
limited to Mailman, you're basically into the realms of PKI.

  Exception: (I do this in a couple of cases) I require mail arriving with
  specific From: and Envelopes to also list specific addresses in the
  Received: headers.  This is not strong, it is just as trivially forged
  as the envelope, but it is (currently) a sufficient barrier to entry
  to cut even the few who do forge envelopes that I've found.

> Now I'll be humble and admit that I don't even know what an envelope
> is. 

Crudely, it's the "From " header (note the space).  More usefully, the
envelope contains the return-path, the address to which a bounce should
be sent if this message bounces.

> So my question about the envelope really boils down to: if I have root
> access on a machine other than the one Mailman is running on, can I
> fool Mailman's envelope recognition?

Absolutely.

You don't need root access on any system to forge email.

-- 
J C Lawrence                
---------(*)                Satan, oscillate my metallic sonatas. 
claw at kanga.nu               He lived as a devil, eh?		  
http://www.kanga.nu/~claw/  Evil is a name of a foeman, as I live.
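The distinction drawn above (the SMTP envelope sender, recorded by the receiving MTA as Return-Path, versus the freely settable From: header) and the Received:-header barrier described in the reply, as an added example that is not part of the original post and not Mailman's own code. The trusted sender alice@example.org, the relay mail.example.org, and the three messages are constructed for illustration. As the reply says, none of this is strong authentication: both the envelope and a Received: line can be forged by anyone who can speak SMTP.

```python
"""Added example (not from the original post or from Mailman): pull the
envelope sender and the From: header apart, and apply the kind of
Received: header check described in the reply.

Assumptions (hypothetical, for illustration only): the list trusts posts
from alice@example.org, and her legitimate mail always passes through
mail.example.org, so a Received: line naming that host must be present.
All messages below are constructed sample input.
"""
import email
from email import policy
from email.utils import parseaddr

TRUSTED_SENDER = "alice@example.org"      # hypothetical trusted poster
REQUIRED_RELAY = "mail.example.org"       # hypothetical relay expected in Received:


def envelope_sender(msg):
    """Envelope sender as recorded by the receiving MTA in Return-Path.
    This is the SMTP MAIL FROM address, not the From: header."""
    rp = msg.get("Return-Path")
    if rp is None:
        return None
    return parseaddr(rp)[1].lower()


def header_from(msg):
    """The From: header address, which any mail client can set freely."""
    return parseaddr(msg.get("From", ""))[1].lower()


def received_hosts(msg):
    """Host tokens named after 'from' and 'by' in each Received: header."""
    hosts = []
    for rcvd in msg.get_all("Received", []):
        tokens = str(rcvd).replace("\n", " ").split()
        for i, tok in enumerate(tokens[:-1]):
            if tok.lower() in ("from", "by"):
                hosts.append(tokens[i + 1].strip("()[];,").lower())
    return hosts


def accept_post(raw):
    """Return (accepted, reason).  From: and the envelope must both match the
    trusted sender, and the required relay must appear in a Received: line."""
    msg = email.message_from_string(raw, policy=policy.default)
    if header_from(msg) != TRUSTED_SENDER:
        return False, "From: header does not match trusted sender"
    if envelope_sender(msg) != TRUSTED_SENDER:
        return False, "envelope sender (Return-Path) does not match"
    if REQUIRED_RELAY not in received_hosts(msg):
        return False, "required relay missing from Received: headers"
    return True, "ok"


# Constructed sample messages, as the list server would see them after its
# own MTA prepended Return-Path and its own Received: line.
GENUINE = """\
Return-Path: <alice@example.org>
Received: from mail.example.org (mail.example.org [192.0.2.10])
    by lists.example.net with ESMTP id abc123; Wed, 23 Oct 2002 19:00:06 +0200
Received: from alice-laptop (unknown [192.0.2.55])
    by mail.example.org with ESMTPA id def456; Wed, 23 Oct 2002 18:59:50 +0200
From: Alice <alice@example.org>
To: list@example.net
Subject: hello

body
"""

# Forged From: only.  The envelope (MAIL FROM) still names the real sender.
FORGED_FROM = """\
Return-Path: <mallory@example.com>
Received: from mallory-box (unknown [203.0.113.7])
    by lists.example.net with ESMTP id ghi789; Wed, 23 Oct 2002 19:01:00 +0200
From: Alice <alice@example.org>
To: list@example.net
Subject: hello

body
"""

# Forged From: and envelope, by driving SMTP by hand.  The attacker's host
# still shows up in Received:, and the expected relay does not.
FORGED_ENVELOPE = """\
Return-Path: <alice@example.org>
Received: from mallory-box (unknown [203.0.113.7])
    by lists.example.net with SMTP id jkl012; Wed, 23 Oct 2002 19:02:00 +0200
From: Alice <alice@example.org>
To: list@example.net
Subject: hello

body
"""

if __name__ == "__main__":
    for name, raw in (("genuine", GENUINE), ("forged From:", FORGED_FROM),
                      ("forged envelope", FORGED_ENVELOPE)):
        print(name, accept_post(raw))
```

The Received: check only catches forgers who do not also insert a fake Received: line naming the expected relay; a forged message that carries such a line passes this check, which is exactly the "not strong" caveat in the reply.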