Forging Mail (was Re: Warning - stupid questions ahead...)

Jonathan I. Kamens jik at athena.mit.edu
Wed Apr 17 20:08:33 AEST 1991


  (Note cross-post and Followup-To.)

In article <1991Apr17.091032.12693 at ux1.cso.uiuc.edu>, andreess at mrlaxs.mrl.uiuc.edu (Marc Andreessen) writes:
|> Basically, I stumbled on a ridiculously easy way to forge mail from 
|> anyone to anyone on any machine (I've tested this on Ultrix 4.1, AIX 3.1,
|> BSD Tahoe, etc) without superuser privs.  I'm aware many implementations
|> of Unix have many security holes, but this seems fairly major, and
|> also appears to be there by design.
|> 
|> I'm sure half of you know what I'm talking about already, so there's
|> no need to go into detail.

  Well, I don't know what you're talking about, because there are so many easy
ways to forge mail that I don't know which one you mean. :-)

|> However, what I'm wondering is - why isn't
|> this more widely known?

  What do you mean by "widely known?"  It's pretty common knowledge around
here that mail can't be trusted.  If you want secure mail, you used Privacy
Enhanced mail, which uses RSA public-key encryption.

|> Why have I never heard about it?

  When new users find out how to forge mail, some portion of them tend to act
like dweebs, doing irresponsible, inconsiderate things that make life
difficult for everybody, because they think it's funny.  I'm a consultant here
for our user community, and if someone asks me, "Is it possible to forge
mail?" my response is, "Yes, but I can't tell you how to do it."  By the time
people figure out how to do it for themselves, they're usually responsible
enough not to do stupid things with it.

  It's true that new users often assume that mail is secure because they are
never told otherwise.  I'm not sure how that problem can be solved (or even if
it is a problem); I would find it a bit strange if we told every new user
here, "By the way, mail isn't secure!"

|> This makes
|> Unix mail completely untrustworthy; why isn't this more secure?

  Unix mail has always been untrustworthy; surprise, surprise.  The problem is
not confined to Unix (It's possible to forge mail easily using SMTP, which is
a network protocol, not a Unix protocol, and which is spoken by quite a few
OSs besides Unix).

  If you're interested in finding out more about recent attempts to come up
with ways to do secure mail, I suggest you read the relevant Internet RCSs,
which include:

1115  Linn, J.  Privacy enhancement for Internet electronic mail: Part III - 
      algorithms, modes, and identifiers [Draft].  1989 August; 8 p. (Format: 
      TXT=18226 bytes)

1114  Kent, S.T.; Linn, J.  Privacy enhancement for Internet electronic mail: 
      Part II - certificate-based key management [Draft].  1989 August; 25 p. 
      (Format: TXT=69661 bytes)

1113  Linn, J.  Privacy enhancement for Internet electronic mail: Part I - 
      message encipherment and authentication procedures [Draft].  1989 
      August; 34 p. (Format: TXT=89293 bytes)  (Obsoletes RFC 989, RFC 1040)

In case you don't know how to get your hands on RFCs, I've included
instructions at the end of this message.

-- 
Jonathan Kamens			              USnail:
MIT Project Athena				11 Ashford Terrace
jik at Athena.MIT.EDU				Allston, MA  02134
Office: 617-253-8085			      Home: 617-782-0710
-- 
Many RFCs are available online; if not, this is indicated by (Not online). 
Paper copies of all RFCs are available from the NIC, either individually
or on a subscription basis (for more information contact NIC at NIC.DDN.MIL).
Online copies are available via FTP or Kermit from NIC.DDN.MIL as 
RFC:RFC####.TXT or RFC:RFC####.PS (#### is the RFC number without leading 
zeroes).

Additionally, RFCs may be requested through electronic mail from the
automated NIC mail server by sending a message to SERVICE at NIC.DDN.MIL
with a subject line of "RFC ####" for text versions or a subject line
of "RFC ####.PS" for PostScript versions.  To obtain the RFC index,
the subject line of your message should read "RFC index".



More information about the Comp.unix.internals mailing list