[ORRando] Email spam: Spoofing vs account hijacking
Jim Bronson
jim.bronson at gmail.com
Wed Mar 18 12:49:19 PDT 2015
Sender Policy Framework would help, as would requiring some sort of
secure protocol for SMTP with valid certificates, but apparently
people don't care enough about the problem of email to agree to work
together to secure it.
On Wed, Mar 18, 2015 at 2:23 PM, Michal Young <michal at cs.uoregon.edu> wrote:
> It’s likely the spam is not coming from the accounts of Cheryl and Asta, and
> changing their passwords will not help. It is, unfortunately, trivially
> easy to forge the “from” header of an email message. The message labeled as
> being from Asta has a message-ID that indicates it came from the Netherlands
> (secudata.nl), and the email labeled as being from Cheryl has a message-ID
> that indicates it came from Brazil (terra.com.br). The spammer (or rather,
> the spam-bot) is likely scanning the mailing list for prior senders and
> forging matching ‘from’ addresses.
>
> There may be ways to filter some of this in the mailing list software, or
> maybe not. It’s an unfortunate consequence of protocols designed way back
> when the internet was a much smaller group of people who pretty much all
> trusted each other.
>
> —Michal
>
>
> _______________________________________________
> ORRando mailing list
> ORRando at orrandonneurs.org
> http://orrandonneurs.org/cgi-bin/mailman/listinfo/orrando
>
--
Keep the metal side up and the rubber side down!
More information about the ORRando
mailing list