Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more ➡
Download
Standard view
Full view
of .
Add note
Save to My Library
Sync to mobile
Look up keyword
Like this
12Activity
×
0 of .
Results for:
No results containing your search query
P. 1
Email spoofing. What is it and how does one deal with the problem?

Email spoofing. What is it and how does one deal with the problem?

Ratings:

4.75

(8)
|Views: 59,986|Likes:
Published by zolved
Email spoofing and what can be done about it. Examining solutions such as the Sender Policy Framework (SPF) and Microsoft’s Sender ID, which is based on it are some of the solutions to this problem.
Email spoofing and what can be done about it. Examining solutions such as the Sender Policy Framework (SPF) and Microsoft’s Sender ID, which is based on it are some of the solutions to this problem.

More info:

Published by: zolved on Mar 16, 2007
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF or read online from Scribd
See More
See less

04/10/2013

pdf

 
Email spoofing and what can be done about it. Examining solutions such as the Sender Policy Framework (SPF) and Microsoft’s Sender ID, which is based on it are some of thesolutions to this problem.
E-mail spoofing
is forgery of an email header.(Header is the part of a message thatdescribes the originator, the addressee and other recipients, message priority level,etc.)The message appears to have originated from someone or somewhere other than theactual source.While spoofing can be used legitimately., using by anyone other than yourself isillegal in some jurisdictions.Although most spoofed e-mail falls into the "nuisance" category and requires littleaction other than deletion, the more malicious varieties can cause serious problemsand security risks.A favorite technique of spammers and other mischief mongers is to “spoof” theirreturn e-mail addresses, making it look as if the mail came from someone else. Thisis a form of identity theft, as the sender pretends to be someone else in order topersuade the recipient to do something (from simply opening the message tosending money or revealing personal information), according to Deb Shinder,technology consultant, who has authored a number of books on computer operatingsystems, networking, and security.If the precaution is not taken, anyone with the requisite knowledge can connect tothe server and use it to send messages. To send spoofed e-mail, senders insertcommands in headers that will alter message information.If you remember, your snail mail had the return address as an indicator of where itoriginated. However, the sender could write any name and address there and youhad no assurance about its genuineness. Just anyone can send spoofed e-mail thatappears to be from you with a message that you didn't write!
For more consumer technical support questions, visithttp://www.Zolved.com
 
Why does anyone want to send 'spoofed emails'!!! It could be that spoofed e-mailmay purport to be from someone in a position of authority, asking for sensitive data,such as passwords, credit card numbers, or other personal information -- any of which can be used for a variety of criminal purposes.Whatever the motivation, the objective of spoofed mail is to hide the sender's realidentity. This can be done because the
Simple Mail Transfer Protocol (SMTP)
does not require authentication (unlike some other, more secure protocols). A sendercan use a fictitious return address or a valid address that belongs to someone else,says Ms. Shinder.
How Spoofing Works:
In its simplest form, e-mail spoofing involves simply settingthe display name or “from” field of outgoing messages to show a name or addressother than the actual one from which the message is sent. Most POP e-mail clientsallow you to change the text displayed in this field to whatever you want.For example, when you set up a mail account in Outlook Express, you are asked toenter a display name, which can be anything you want, as shown below in the figure.The name you set will be seen in the recipient’s mail program as the person fromwhom the mail was sent. Likewise, you can type anything you like in the field on thefollowing page that asks for your e-mail address. These fields are separate from thefield where you enter your account name assigned to you by your ISP.The figure below shows what the recipient sees in the “from” field of an e-mail clientsuch as Outlook.
For more consumer technical support questions, visithttp://www.Zolved.com
 
When this simplistic method is used, you can tell where the mail originated (forexample, that it did
not 
come from thewhitehouse.com) by checking the actual mailheaders.
 
<!--[endif]-->
Note:
There is really no way to prevent receiving a spoofed email. You can look atthe Internet Headers information to see where the email actually originated.Many e-mail clients don’t show these by default.In Outlook, open the message and then click
View | Options
to see the headers, asshown below.
For more consumer technical support questions, visithttp://www.Zolved.com

Activity (12)

You've already reviewed this. Edit your review.
1 hundred reads
1 thousand reads
Steven Young liked this
Suratman Pakle liked this
upcm2014blockA liked this
jayanandks liked this
yogeshdhuri22 liked this
yogeshdhuri22 liked this
KC J liked this
macpup liked this

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->