Provided by: qmail_1.06-6.1_amd64 bug


       forgeries - how easy it is to forge mail


       An  electronic  mail message can easily be forged.  Almost everything in it, including the
       return address, is completely under the control of the sender.

       An electronic mail message can be  manually  traced  to  its  origin  if  (1)  all  system
       administrators of intermediate machines are both cooperative and competent, (2) the sender
       did not break low-level TCP/IP security, and (3) all intermediate machines are secure.

       Users of cryptography can automatically ensure the integrity and  secrecy  of  their  mail
       messages, as long as the sending and receiving machines are secure.


       Like  postal  mail,  electronic  mail  can  be created entirely at the whim of the sender.
       From, Sender, Return-Path, and Message-ID can all contain whatever information the  sender

       For  example,  if  you  inject a message through sendmail or qmail-inject or SMTP, you can
       simply type in a From field.  In fact, qmail-inject lets you set  up  MAILUSER,  MAILHOST,
       and MAILNAME environment variables to produce your desired From field on every message.


       Like  postal  mail,  electronic  mail  is  postmarked  when it is sent.  Each machine that
       receives an electronic mail message adds a Received line to the top.

       A modern Received line contains quite a bit  of  information.   In  conjunction  with  the
       machine's  logs,  it  lets  a  competent  system administrator determine where the machine
       received the message from, as long as the sender did not break low-level  TCP/IP  security
       or security on that machine.

       Large  multi-user  machines  often  come with inadequate logging software.  Fortunately, a
       system administrator can easily obtain a copy of  a  931/1413/Ident/TAP  server,  such  as
       pidentd.   Unfortunately,  some system administrators fail to do this, and are thus unable
       to figure out which local user was responsible for generating a message.

       If all intermediate system administrators are competent, and  the  sender  did  not  break
       machine  security  or  low-level  TCP/IP  security,  it  is  possible  to  trace a message
       backwards.  Unfortunately, some traces are stymied by intermediate  system  administrators
       who are uncooperative or untrustworthy.


       The  sender  of a mail message may place his message into a cryptographic envelope stamped
       with his seal.  Strong cryptography guarantees that any two messages with  the  same  seal
       were  sent  by  the same cryptographic entity: perhaps a single person, perhaps a group of
       cooperating people, but in any case somebody who knows a secret originally  held  only  by
       the creator of the seal.  The seal is called a public key.

       Unfortunately,  the  creator of the seal is often an insecure machine, or an untrustworthy
       central agency, but most of the time seals are kept secure.

       One popular cryptographic program is pgp.


       pgp(1), identd(8), qmail-header(8)