
Provided by: qmail_1.06-5_amd64

NAME

       forgeries - how easy it is to forge mail

SUMMARY

       An  electronic mail message can easily be forged.  Almost everything in it, including the return address,
       is completely under the control of the sender.

       An electronic mail message can be manually traced to its origin  if  (1)  all  system  administrators  of
       intermediate  machines  are both cooperative and competent, (2) the sender did not break low-level TCP/IP
       security, and (3) all intermediate machines are secure.

       Users of cryptography can automatically ensure the integrity and secrecy of their mail messages, as  long
       as the sending and receiving machines are secure.

FORGERIES

       Like  postal  mail,  electronic  mail  can  be created entirely at the whim of the sender.  From, Sender,
       Return-Path, and Message-ID can all contain whatever information the sender wants.

       For example, if you inject a message through sendmail or qmail-inject or SMTP, you can simply type  in  a
       From field.  In fact, qmail-inject lets you set up MAILUSER, MAILHOST, and MAILNAME environment variables
       to produce your desired From field on every message.

TRACING FORGERIES

       Like postal mail, electronic mail is  postmarked  when  it  is  sent.   Each  machine  that  receives  an
       electronic mail message adds a Received line to the top.

       A  modern  Received line contains quite a bit of information.  In conjunction with the machine's logs, it
       lets a competent system administrator determine where the machine received the message from, as  long  as
       the sender did not break low-level TCP/IP security or security on that machine.

       Large  multi-user  machines  often  come  with  inadequate  logging  software.   Fortunately,  a  system
       administrator can easily obtain a copy of a 931/1413/Ident/TAP server, such as  pidentd.   Unfortunately,
       some  system  administrators  fail  to  do  this,  and are thus unable to figure out which local user was
       responsible for generating a message.  Note that an Ident reply is an assertion made by the  machine  the
       connection  came  from,  not  independent  proof: it identifies the local user only if that machine is
       secure and its administrator is honest.

       If all intermediate system administrators are competent, and the sender did not break machine security or
       low-level  TCP/IP  security, it is possible to trace a message backwards.  Unfortunately, some traces are
       stymied by intermediate system administrators who are uncooperative or untrustworthy.
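       The following Go program is an added example, not part of qmail or of this manual page.  It builds a
       constructed message whose From, Return-Path and Message-ID were simply typed in by the sender  (as
       described  under  FORGERIES)  and then walks the Received lines from the top, marking each hop as
       trusted only while the line was added by a host the reader controls.  The host names, the  addresses
       and the choice of mx.example.org as the only trusted host are assumptions made for the illustration.

```go
package main

import (
	"fmt"
	"net/mail"
	"regexp"
	"strings"
)

// sampleMessage is constructed for this example, not a real capture. The top
// Received line was added by mx.example.org, a host we run; everything below
// it (the second Received line, Return-Path, From, Message-ID) was inside the
// message when the sender handed it over and could say anything at all.
const sampleMessage = `Received: from relay.example.net (relay.example.net [192.0.2.10])
    by mx.example.org with SMTP; Mon, 1 Jan 2024 10:00:00 +0000
Received: from trusted.bank.example (trusted.bank.example [203.0.113.5])
    by relay.example.net with SMTP; Mon, 1 Jan 2024 09:59:00 +0000
Return-Path: <security@bank.example>
From: Bank Security <security@bank.example>
To: victim@example.org
Message-ID: <anything-the-sender-likes@bank.example>
Subject: Please confirm your account

This text, like every header above the blank line, is sender-supplied.
`

// Hop is one Received line, in message order (most recent hop first).
type Hop struct {
	From    string // what the adding host says it received the message from
	By      string // the host that claims to have added the line
	Trusted bool   // true while every line from the top down to this one was added by a host we control
}

// receivedRE matches the usual "from X (comment) by Y" shape. Real lines vary;
// one that does not match is reported rather than guessed at.
var receivedRE = regexp.MustCompile(`^from\s+(\S+)(?:\s+\(([^)]*)\))?\s+by\s+(\S+)`)

// TraceHops parses the Received lines of raw and marks how far down the chain
// the trace rests on hosts in trusted. Once a line claims to have been added by
// a host we do not control, that line and all below it are sender-supplied.
func TraceHops(raw string, trusted []string) ([]Hop, error) {
	msg, err := mail.ReadMessage(strings.NewReader(raw))
	if err != nil {
		return nil, err
	}
	ours := map[string]bool{}
	for _, h := range trusted {
		ours[strings.ToLower(h)] = true
	}
	var hops []Hop
	intact := true
	for _, line := range msg.Header["Received"] {
		m := receivedRE.FindStringSubmatch(line)
		if m == nil {
			return nil, fmt.Errorf("unparsable Received line: %q", line)
		}
		from := m[1]
		if m[2] != "" {
			from += " (" + m[2] + ")"
		}
		by := strings.ToLower(m[3])
		intact = intact && ours[by]
		hops = append(hops, Hop{From: from, By: by, Trusted: intact})
	}
	return hops, nil
}

// LastVerifiableOrigin returns the "from" of the deepest trusted hop: the point
// beyond which the trace depends on other administrators' logs and honesty.
func LastVerifiableOrigin(hops []Hop) string {
	origin := ""
	for _, h := range hops {
		if !h.Trusted {
			break
		}
		origin = h.From
	}
	return origin
}

func main() {
	hops, err := TraceHops(sampleMessage, []string{"mx.example.org"})
	if err != nil {
		panic(err)
	}
	for _, h := range hops {
		fmt.Printf("trusted=%v by=%s from=%s\n", h.Trusted, h.By, h.From)
	}
	fmt.Println("last verifiable origin:", LastVerifiableOrigin(hops))
	msg, _ := mail.ReadMessage(strings.NewReader(sampleMessage))
	fmt.Println("sender-supplied From:", msg.Header.Get("From"))
}
```

       Only the first Received line was added by a host this site controls, so the only fact the trace
       establishes locally is that the message arrived from 192.0.2.10.  Whether relay.example.net really
       received it from trusted.bank.example rests on that relay's logs and on its administrator being both
       competent and cooperative, which is exactly the condition stated in the SUMMARY.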

CRYPTOGRAPHY

       The sender of a mail message may place his message into a cryptographic envelope stamped with  his  seal.
       Strong  cryptography  guarantees  that  any  two  messages  with  the  same  seal  were  sent by the same
       cryptographic entity: perhaps a single person, perhaps a group of cooperating people,  but  in  any  case
       somebody  who  knows  a  secret originally held only by the creator of the seal.  The seal is the public
       key; the secret that produces the stamp is the matching private key.

       Unfortunately, the creator of the seal is often an insecure machine, or an untrustworthy central  agency,
       but most of the time seals are kept secure.

       One popular cryptographic program is pgp.
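       The following Go program is an added example, not part of qmail or of pgp.  It uses Ed25519 from  Go's
       standard  library  (not pgp's own key or message formats) to show the seal semantics described above:
       two messages stamped with the same secret both pass the seal, while a message stamped by someone  else
       or  altered  after  stamping does not, whatever its From line claims.  The names alice and mallory are
       assumptions made for the illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Seal is the public key. Anyone may hold a copy; it checks stamps but cannot make them.
type Seal = ed25519.PublicKey

// Envelope is a message together with the stamp made over it.
type Envelope struct {
	Message []byte
	Stamp   []byte
}

// NewSeal creates a seal and the secret (private key) that makes stamps for it.
// The secret is what must stay on a secure machine.
func NewSeal() (ed25519.PrivateKey, Seal, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return priv, pub, nil
}

// StampMessage seals msg with secret; the stamp is an Ed25519 signature over msg.
func StampMessage(secret ed25519.PrivateKey, msg []byte) Envelope {
	return Envelope{Message: msg, Stamp: ed25519.Sign(secret, msg)}
}

// BearsSeal reports whether env was stamped by the holder of the secret behind
// seal and has not been altered since.
func BearsSeal(seal Seal, env Envelope) bool {
	return ed25519.Verify(seal, env.Message, env.Stamp)
}

// SameSender reports whether every envelope bears seal, i.e. all were produced
// by the same cryptographic entity. An empty set proves nothing.
func SameSender(seal Seal, envs ...Envelope) bool {
	for _, e := range envs {
		if !BearsSeal(seal, e) {
			return false
		}
	}
	return len(envs) > 0
}

func main() {
	aliceSecret, aliceSeal, err := NewSeal()
	if err != nil {
		panic(err)
	}
	mallorySecret, _, _ := NewSeal() // an impostor's own key pair (constructed)

	// Constructed messages: all three carry the same forged-looking From line.
	a1 := StampMessage(aliceSecret, []byte("From: alice@example.org\n\nmeet at noon"))
	a2 := StampMessage(aliceSecret, []byte("From: alice@example.org\n\nbring the report"))
	forged := StampMessage(mallorySecret, []byte("From: alice@example.org\n\nwire the money"))
	tampered := Envelope{Message: []byte("From: alice@example.org\n\nmeet at midnight"), Stamp: a1.Stamp}

	fmt.Println("alice's two messages share her seal:", SameSender(aliceSeal, a1, a2))
	fmt.Println("mallory's message bears alice's seal:", BearsSeal(aliceSeal, forged))
	fmt.Println("altered message bears alice's seal:", BearsSeal(aliceSeal, tampered))
}
```

       The seal decides nothing about the From line: it only ties the bytes to whoever holds the  secret,
       which is why the guarantee lasts exactly as long as the machine holding that secret stays secure.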

SEE ALSO

       pgp(1), identd(8), qmail-header(8)

                                                                                                    forgeries(7)