LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
Reload this Page qmail spoofing return-path (from field)
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
LinkBack Search this Thread
Old 03-28-2007, 04:47 PM   #1
j0hnd0e
Member
 
Registered: Nov 2005
Distribution: slamd64, slackware64
Posts: 34

Rep: Reputation: 15
qmail spoofing return-path (from field)

Hi,

I've configured qmail/vpopmail/courier to work for sending/recieving mails, with smtp authetnification, meaning that every user that would like to send mail thru mail server must use valid username and password.
But I noticed today, that users can manipulate return-path form.

For example if I set return-path in thunderbird as someman@intel.com the email will be sent and mail would look like someone relly sent it from intel.

Showed on example under.
My "real-username" at mail server is realuser@my-home-domain.com but as you can see I faked the return-path to something else.


Return-Path: <someone@intel.com>
Delivered-To: admin@my-home-domain.com
Received: (qmail 5267 invoked from network); 28 Mar 2007 11:56:43 -0000
Received: from somehost.fromuser (HELO usercomp2) (realuser@my-home-domain.com@12.34.56.78)
by mail.domain.org with SMTP; 28 Mar 2007 11:56:43 -0000
Message-ID: <000123c76f9d$eh6c9c70$1300a8c0@usercomp2>
From: My Name <someone@intel.com>
To: "Admin" <admin@my-home-domain.com>
References: <001101caaf8e$33f9e200$1700a8c0@usercomp2> <4607A127.90104@my-home-domain.com>
Subject: Changing Return-path/from unexisting user
Date: Wed, 28 Mar 2007 13:03:33 +0200
...
...


I would like to know is there any possibilty to force return-path and from field to be same as username (realuser@my-home-domain.com). It would be the best if I get some error message when I try to use fake mail address (different from my real username address).

any help

thanks
Last edited by j0hnd0e; 09-30-2007 at 05:34 AM.
 
Old 03-29-2007, 10:11 PM   #2
Poetics
Senior Member
 
Registered: Jun 2003
Location: California
Distribution: Slackware
Posts: 1,178

Rep: Reputation: 49
I've never seen a configuration that authenticates based on the From or Reply-to addresses; this is a common avenue for Spammers to send emails "from" domain email addresses. If this could be set, it'd be interesting to see how it scaled (the maintenance time would grow very quickly) when the server starts supply email services for domains, et cetera.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Sendmail re-writing return path hammer65 Linux - Software 1 02-01-2007 10:59 AM
Postfix: why is 'Return-Path' of bounce message empty Chowroc Linux - Networking 1 12-28-2005 03:52 AM
absolute path to qmail in sme 5.6? dopper Linux - Software 0 10-28-2003 01:48 PM
php mail script return path richard22 Linux - Software 1 08-22-2003 04:10 AM
Sendmail return path dj_relentless Linux - General 2 06-07-2002 06:40 AM


All times are GMT -5. The time now is 06:04 PM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration