[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Updating Internic info for linuxdoc.org

On 20 Sep 1999, Jim Pick wrote:

> Authorization
> 0a. (N)ew (M)odify (D)elete.........: M Name Registration
> 0b. Auth Scheme.....................: MAIL-FROM

Can I suggest that MAIL-FROM authentication is NOT used. I had (and still
havn't got 'round to changing) MAIL-FROM on my domain, except the emil
address I gave was my redirectional address, and thus doesn't allow me to
send mail from it. This was a problem 'til I hacker around with sendmail
and pine and got my box to think it was bigfoot.com, and now NSI accepts
my emails. It would probably not be too impossible for someone else to
forge the mail headers in this way and take over the domain.

BTW: I'm assuming that whoever is incharge of the domains has seen the
security bulletins about the NSI freemail accounts?
Details on my web page: http://www.cognite.net/security/

Just thought I'd mention it.

Now back to my lurking, ;)

--                   ,------------------------------,
,====================| S H U N  A N T I O N L I N E |===================,
|  David M. Webster  '------------------------------'  (aka cogNiTioN)  | 
| cognition@bigfoot.com |=============| cognite.net will be online RSN. |
'====== I use Linux everyday to up my productivity - so up yours! ======'     

To UNSUBSCRIBE, email to ldp-discuss-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org