Provided by: qmail_1.06-4_i386 bug


       forgeries - how easy it is to forge mail


       An  electronic mail message can easily be forged.  Almost everything in
       it, including the return address, is completely under  the  control  of
       the sender.

       An  electronic mail message can be manually traced to its origin if (1)
       all system administrators of intermediate machines are both cooperative
       and  competent, (2) the sender did not break low-level TCP/IP security,
       and (3) all intermediate machines are secure.

       Users of  cryptography  can  automatically  ensure  the  integrity  and
       secrecy  of  their  mail messages, as long as the sending and receiving
       machines are secure.


       Like postal mail, electronic mail can be created entirely at  the  whim
       of  the  sender.   From,  Sender,  Return-Path,  and Message-ID can all
       contain whatever information the sender wants.

       For example, if you inject a message through sendmail  or  qmail-inject
       or  SMTP,  you  can simply type in a From field.  In fact, qmail-inject
       lets you set up MAILUSER, MAILHOST, and MAILNAME environment  variables
       to produce your desired From field on every message.


       Like  postal mail, electronic mail is postmarked when it is sent.  Each
       machine that receives an electronic mail message adds a  Received  line
       to the top.

       A  modern  Received  line  contains  quite  a  bit  of information.  In
       conjunction with  the  machine's  logs,  it  lets  a  competent  system
       administrator determine where the machine received the message from, as
       long as the sender did not break low-level TCP/IP security or  security
       on that machine.

       Large  multi-user machines often come with inadequate logging software.
       Fortunately, a system administrator can  easily  obtain  a  copy  of  a
       931/1413/Ident/TAP server, such as pidentd.  Unfortunately, some system
       administrators fail to do this, and are thus unable to figure out which
       local user was responsible for generating a message.

       If all intermediate system administrators are competent, and the sender
       did not break machine security or  low-level  TCP/IP  security,  it  is
       possible  to trace a message backwards.  Unfortunately, some traces are
       stymied by intermediate system administrators who are uncooperative  or


       The sender of a mail message may place his message into a cryptographic
       envelope stamped with his seal.  Strong  cryptography  guarantees  that
       any two messages with the same seal were sent by the same cryptographic
       entity: perhaps a single person, perhaps a group of cooperating people,
       but in any case somebody who knows a secret originally held only by the
       creator of the seal.  The seal is called a public key.

       Unfortunately, the creator of the seal is often an insecure machine, or
       an  untrustworthy  central  agency, but most of the time seals are kept

       One popular cryptographic program is pgp.


       pgp(1), identd(8), qmail-header(8)