Provided by: qmail_1.06-4_i386
forgeries - how easy it is to forge mail
An electronic mail message can easily be forged. Almost everything in
it, including the return address, is completely under the control of
An electronic mail message can be manually traced to its origin if (1)
all system administrators of intermediate machines are both cooperative
and competent, (2) the sender did not break low-level TCP/IP security,
and (3) all intermediate machines are secure.
Users of cryptography can automatically ensure the integrity and
secrecy of their mail messages, as long as the sending and receiving
machines are secure.
Like postal mail, electronic mail can be created entirely at the whim
of the sender. From, Sender, Return-Path, and Message-ID can all
contain whatever information the sender wants.
For example, if you inject a message through sendmail or qmail-inject
or SMTP, you can simply type in a From field. In fact, qmail-inject
lets you set up MAILUSER, MAILHOST, and MAILNAME environment variables
to produce your desired From field on every message.
Like postal mail, electronic mail is postmarked when it is sent. Each
machine that receives an electronic mail message adds a Received line
to the top.
A modern Received line contains quite a bit of information. In
conjunction with the machine's logs, it lets a competent system
administrator determine where the machine received the message from, as
long as the sender did not break low-level TCP/IP security or security
on that machine.
Large multi-user machines often come with inadequate logging software.
Fortunately, a system administrator can easily obtain a copy of a
931/1413/Ident/TAP server, such as pidentd. Unfortunately, some system
administrators fail to do this, and are thus unable to figure out which
local user was responsible for generating a message.
If all intermediate system administrators are competent, and the sender
did not break machine security or low-level TCP/IP security, it is
possible to trace a message backwards. Unfortunately, some traces are
stymied by intermediate system administrators who are uncooperative or
The sender of a mail message may place his message into a cryptographic
envelope stamped with his seal. Strong cryptography guarantees that
any two messages with the same seal were sent by the same cryptographic
entity: perhaps a single person, perhaps a group of cooperating people,
but in any case somebody who knows a secret originally held only by the
creator of the seal. The seal is called a public key.
Unfortunately, the creator of the seal is often an insecure machine, or
an untrustworthy central agency, but most of the time seals are kept
One popular cryptographic program is pgp.
pgp(1), identd(8), qmail-header(8)