January 23rd, 2005, 11:34 AM
Spoofing Ip Addresses in E-mail 2 ways.
I've read about programmers being able to spoof Ip addresses in E-mail in two ways. One by sending an e-mail using two ethernet (spoofing and sniffing) connections spoofing the ip address. However you would need to be on an ISP with no Anti-Spoof Firewalls on any of the upstream servers which is non exsistent in the U.S. and running Windows2000 or earlier (for some reason). So there would be no need to worry there.
The Second way to spoof an Ip in an E-mail address is to cause a particular error (I think it has something to do with an incomplete transaction) making most Mx servers drop the received header (allowing you to replace it) while still allowing the message to be sent. Once the "caller-Id" protocols go into full effect this could be the main method for spam since it isn't illegal to give phoney header information from outside the United States and it dosen't involve real Ip Spoofing so Anti-Spoofing Firewalls wouldn't do anything. The worst part about it is that since the header gets deleted and is instantly replaceable blocking spam by Ip addresses would be useless.
Post "Caller-ID" Email could end up with more spam. Anyway I can't even proove that it works to send the E-mail to the appropriate RFC people? I could refer them to somebody but that guy actually benefits from being able to spoof the Ip in E-mails so he wouldn't help.