From owner-freebsd-stable  Fri Oct 17 06:31:37 1997
Return-Path: <owner-freebsd-stable>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id GAA11481
          for stable-outgoing; Fri, 17 Oct 1997 06:31:37 -0700 (PDT)
          (envelope-from owner-freebsd-stable)
Received: from merit.edu (merit.edu [198.108.1.42])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id GAA11475
          for <freebsd-stable@FreeBSD.ORG>; Fri, 17 Oct 1997 06:31:23 -0700 (PDT)
          (envelope-from matt@zigg.com)
Received: from megaweapon.zigg.com (tcgr-20.dialup.alliance.net [207.74.43.20])
	by merit.edu (8.8.7/8.8.5) with ESMTP id JAA11357;
	Fri, 17 Oct 1997 09:31:08 -0400 (EDT)
Received: from localhost (matt@localhost)
	by megaweapon.zigg.com (8.8.7/8.8.7) with SMTP id JAA06688;
	Fri, 17 Oct 1997 09:31:22 -0400 (EDT)
Date: Fri, 17 Oct 1997 09:31:21 -0400 (EDT)
From: Matt Behrens <matt@zigg.com>
To: "Matthew D. Fuller" <fullermd@futuresouth.com>
cc: chad@dcfinc.com, Don Lewis <Don.Lewis@tsc.tdk.com>,
        root@eyelab.psy.msu.edu, dkelly@hiwaay.net, freebsd-stable@FreeBSD.ORG
Subject: Re: Anti-spam sendmail in 2.2.5?
In-Reply-To: <Pine.BSF.3.96.971017010844.7972B-100000@shell.futuresouth.com>
Message-ID: <Pine.BSF.3.96.971017092826.6677B-100000@megaweapon.zigg.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-stable@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Fri, 17 Oct 1997, Matthew D. Fuller wrote:

> I agree wholeheartedly with this.  My system at home thinks it's one thing
> (through ml.org), but it's really another thing, since I don't have a
> static IP (hence, ml.org).  so my host represents itself as one thing, but
> a reverse DNS query says something totally different.  Of course, this all
> depends on whether we're resolving through DNS or reverse DNS; reverse DNS
> would, I think, be the only good way to do this, since straight-forward
> can be forged so easily it's not even funny.

> But what can we do?  (throwing up of hands)

Reverse DNS is *much* easier to forge than forward.  Anyone who owns the
IN-ADDR.ARPA domain for their IP address can ``legitimately'' pretend to
be anyone, in any domain.  By contrast, to forge yourself on a forward
lookup, you must control the domain you are pretending to be in.

(Of course, there are other techniques that get around these, but they are
difficult to implement and not widely used.)

Matt Behrens         | Help bring a free inter-user communication
http://www.zigg.com/ | system to the Internet.  Join the NetPager
matt@zigg.com        | Project!     http://www.zigg.com/netpager/