[ih] Design choices in SMTP (custom emails per recipient)
Jack Haverty
jack at 3kitty.org
Thu Feb 9 13:03:09 PST 2023
I remember that hack. You could send email posing as anyone you liked,
by just putting whatever you wanted into the From: header field. It
drove me crazy trying to get my mail server, which tried to parse and
verify those fields, to deal with all the poetry people put into email
headers.

Sadly, it's not just a problem of the ancient 1970s/80s. I regularly
receive emails now, in 2023, which look like I sent them. I can
recognize them as phishing blackmail, but I suspect many people cannot
tell that they're forged.

Here's one below that I got recently. Allegedly I sent it to myself.
By looking at the message source, I can tell from the 103.167.66.22
address that it actually came from somewhere in the Philippines. And
trust me -- I didn't send it. So it's apparently still easy to forge
the source and author of messages, probably using a different technique
instead of Telnet to port 25.

After 50 years of technology progress, I would have expected such
vulnerabilities of the 70s research networks to have been addressed by
now. Perhaps Historians can explain why that hasn't happened?

Jack (check this message's source if you suspect it's forged.....)

PS - Here's a piece of a recent forged message source:
===========================
Return-Path:<jack at 3kitty.org>
Delivered-To:jack at 3kitty.org
Received: (qmail 23808 invoked by uid 80); 5 Feb 2023 23:29:14 -0000
Received: from unknown (HELO atl4mhib66.registeredsite.com) (209.17.115.201)
  by abimarierecords.net with SMTP; 5 Feb 2023 23:29:14 -0000
Received: from [103.167.66.22] ([103.167.66.22])
  by atl4mhib66.registeredsite.com (8.14.4/8.14.4) with ESMTP id 315NTCa1039068
  for<jack at 3kitty.org>; Sun, 5 Feb 2023 18:29:13 -0500
Message-ID: <64121F8F6D6982FD8B8616F4F01B6412 at CTW7FJC8M>
From:<jack at 3kitty.org>
To:<jack at 3kitty.org>
Subject: You have an outstanding payment.
======================================
On 2/9/23 08:09, Craig Partridge via Internet-history wrote:
> Telnetting to the SMTP port and hand typing email was a great source of fun
> in the 1970s and 1980s. The trick was to get all the 733/822 fields right.
>
> As I recall, From: The Great God Almighty <....>, was common.
>
> Though the uucp kremvax email still has to claim precedence as the best
> email spoof. (https://en.wikipedia.org/wiki/Kremvax).
>
> Craig
>
> On Thu, Feb 9, 2023 at 8:59 AM John Lowry via Internet-history <
> internet-history at elists.isoc.org> wrote:
>
>>
>> I distinctly remember using telnet to send email as a diagnostic for rules
>> and addressing, but also in scripts to send software build results to
>> distributed teams. I suppose that would be hard today and there may be
>> “better” ways.
>>
>> John
>>
>>
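
The header reading described in the message above (finding 103.167.66.22 in the Received chain of a message whose From: and To: are the same address), as an added example that is not part of the original message or thread. The names addr, hops and triage are hypothetical, and the flags are heuristics chosen for this sample, not a standard.

```python
import re
from email import message_from_string

# Headers from the message above ("@" shown as " at "); folded lines re-indented.
SAMPLE = """\
Return-Path:<jack at 3kitty.org>
Delivered-To:jack at 3kitty.org
Received: (qmail 23808 invoked by uid 80); 5 Feb 2023 23:29:14 -0000
Received: from unknown (HELO atl4mhib66.registeredsite.com) (209.17.115.201)
 by abimarierecords.net with SMTP; 5 Feb 2023 23:29:14 -0000
Received: from [103.167.66.22] ([103.167.66.22])
 by atl4mhib66.registeredsite.com (8.14.4/8.14.4) with ESMTP id 315NTCa1039068
 for<jack at 3kitty.org>; Sun, 5 Feb 2023 18:29:13 -0500
Message-ID: <64121F8F6D6982FD8B8616F4F01B6412 at CTW7FJC8M>
From:<jack at 3kitty.org>
To:<jack at 3kitty.org>
Subject: You have an outstanding payment.
"""

IP_RE = re.compile(r"[\[(](\d{1,3}(?:\.\d{1,3}){3})[\])]")
HOP_RE = re.compile(r"\s*from\s+(\S+)(.*?)\sby\s+(\S+)", re.S)

def addr(value):
    """Bare lower-case address, undoing the archive's ' at ' obfuscation."""
    return (value or "").strip().strip("<>").replace(" at ", "@").lower()

def hops(msg):
    """(claimed_name, peer_ip, recording_host) per network hop, newest first."""
    out = []
    for line in msg.get_all("Received", []):
        m = HOP_RE.match(line)
        if m:  # lines with no from-clause (the local qmail handoff) are skipped
            ips = IP_RE.findall(m.group(1) + m.group(2))
            out.append((m.group(1), ips[-1] if ips else None, m.group(3)))
    return out

def triage(raw):
    """Heuristic flags; a Received line is only as reliable as the host that wrote it."""
    msg = message_from_string(raw)
    chain = hops(msg)
    name, ip, by = chain[-1] if chain else ("", None, None)  # oldest hop
    frm, mid = addr(msg["From"]), addr(msg["Message-ID"])
    flags = []
    if frm and frm == addr(msg["To"]):
        flags.append("self_addressed")
    if name.startswith("["):
        flags.append("client_is_bare_ip")
    if mid and "." not in mid.rpartition("@")[2]:
        flags.append("message_id_host_not_fqdn")
    return {"first_hop_ip": ip, "accepted_by": by, "flags": flags}
```

Calling triage(SAMPLE) reports the address recorded by the first server that accepted the message, which is the hop the sender could not write themselves.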