Share your knowledge at the LQ Wiki.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 09-16-2004, 12:27 PM   #1
LQ Newbie
Registered: Aug 2003
Distribution: RedHat
Posts: 1

Rep: Reputation: 0
Spoofing emails or probably just missconfigured. Help!

Ok after trying for 3 days to get postfix with cyrus-sasl and mysql working i finally gave up, and followed the sugestion of one good buddy of mine to install qmail. Following the install tutorial and scripts at I was using mandrake and was somehow discouraged by the lack of guides for this distro but hey redhat is like mandrake so maybe i'll get an error compiling some stuff but at least i'll have a clear conscience. Not the case as it installed quite nice, error free(nice tutorial... if every program had scripts like this i wouldn't grow so many white hairs).
Went for vpopmail with mysql since i use this database for programing and i thought i'd manage. Installed also courier imap as shown in the tut. Ok everything worked smoothly. Next day at work created a mail for myself and one named for the marketing dude.I started Outlook in Windows and created the accounts. Not paying enough attention, i typed at my acount the email address but at acount name and the password and selected my server requiers authentification and log in with and same password. So i use the marketing email but the acount and password drakon(say any ordinary user who has an acount and password). When i sent a mail i received it at my yahoo acount as coming from marketing. Ok my problem i said.

But then i tried my friend's server which compiled vpopmail without mysql. He gave me an acount for testing when i was undecided to go for qmail to try it out and i also knew he had the for sending official emails. So same move: email acount but the acount and authentification: with the password he gave me for the test acount. I sent him an email saying that his firm was having financial troubles and that he advises the reciever of the email to contact another firm. The mail came from and of course he was as worried as me.

So it seams that anyone who has an ordinary email acount on the server can send emails in the name of the system administrator or any department for example.
My question? Is there something i can do?Anyone has same problem? Can't figure out much from the logs since they are full of: Check for proper operation and configuration of the File Access Monitor daemon (famd). I know that famd must be started, but this doesn't start although portmap is started. But i don't think that this email spoofing would be reported in the errors logs..

Hope anyone has a solution and thanks for the time reading.
Old 09-20-2004, 09:00 AM   #2
Senior Member
Registered: Jul 2004
Distribution: Ubuntu 7.04
Posts: 1,991

Rep: Reputation: 76
Qmail will generally let you inject whatever you like into the queue, unless you tell it otherwise.

Overall, there is no good solution to stop (malicious) email spoofing, as anyone can set up an SMTP client and send mail directly to the recipiant if they want to. So I doubt if qmail will bother with any method of stopping it.

I guess you could probably put in some sort of filter to stop it on this particular server, to compare the received username with the from username in the headers.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
convert html emails to plain text emails andredude Linux - General 6 03-20-2005 12:33 PM
IP spoofing prinski Linux - Security 2 03-25-2004 12:27 PM
Ip spoofing !! freelinuxcpp Linux - Networking 4 03-01-2004 01:08 PM
IP spoofing tied2 Linux - Security 4 07-30-2002 07:55 AM
IP Spoofing robeb Linux - Security 2 06-25-2002 12:08 AM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 03:54 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration