Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi,
I'm using qmail in our system. Once we authenticated (using LDAP) to the mail server then we could send and receive email. But on the other hand if someone eg person A login to the mail system and then once he is authenticated then he can send email using for instance B@aaa.com instead of his email id which is A@aaa.com.
Is there any way that I can protect this to happen ? So A can only send email using his identity instead of other person identity ?
Which address is "faked" by A?
The envelope address or the address in the "From:" header?
The first normally is hard and maybe even not allowed.
The latter is often relatively easy and rather harmless.
So, it's just the "From:" header that is altered? I doubt if you can change that.
There are many possibilities to customize the from: header.
For instance, using command line sendmail, Tcl, possibly also PhP, etc.
So I doubt you can control them all...
For instance, using Tcl, you can easily send mails out to any mail server that accepts SMTP connections and you can set the From: header to whatever you want.
I suppose the only thing you can do is try to limit the access to mail servers, in order to make all mails pass via a few mail servers under your control. You may be able to configure the servers to modify the faked from: addresses (for instance, setting them equal to the envelope sender address).
In any case, I wouldn't worry too much about faked from: headers as long as the envelope sender address still indicates who really sent the mail.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.