[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: forgeries increasing

From: Jim Meyering
Subject: Re: forgeries increasing
Date: Thu, 31 Jan 2008 15:20:01 +0100

address@hidden (Bob Proulx) wrote:

> Forgeries are getting more common.  Take this one for example.
> The message is using a forged address from a poster who has several
> other in that same thread.  The forged message came in through a news
> to mail gateway.  Actual messages from that poster are being sent by
> email.  By looking at the message headers it is easy to see that these
> messages are coming from different senders.  But because the forged
> address was subscribed to the mailing list it was passed through
> without any check.
> Here are several more examples:
> All of these look to have come through a news gateway.

Hi Bob,

In case this ever becomes a big enough problem:

    maintain a profile for each subscriber, and when s/he posts
    with a significantly different header "signature" (i.e., derived
    from some amalgam of fields like Message-Id, Received: etc.), then
    require a delay or manual approval.

Obviously, there's the small matter of coding, not to mention
coming up with a good heuristic for determining what "significantly
different" should mean.

And of course, you can skip the check if a message is signed,
or if headers themselves can be authenticated.

I suspect this is nothing new, and I know spamassassin provides
a way to do some of this manually.  Anyone know of code to do it

reply via email to

[Prev in Thread] Current Thread [Next in Thread]