[Mailman-Users] How hard is it to spoof an email?

[Brad Knowles]

At 1:56 PM -0500 2006-01-29, Jp Possenti wrote:

>  How hard would it be for someone to maliciously start sending all the users
>  in my list emails or start deleting people from it by sending bounce errors
>  or by spoofing the admin email and start emailing everyone on the list?

	It's trivially easy to spoof e-mail addresses.  Mailman works 
around that by allowing you to configure your list to be more secure 
and require confirmations for certain commands, or by sending its own 
confirmation e-mail once an action has taken place.

	The attacker may be able to spoof your e-mail address, but unless 
they can also access your mailbox, they can't see the unique 
confirmation string that they have to duplicate before the system 
will take the action in question, or to delete the notice that 
Mailman sends to the recipient.

>  Is this a common problem, or is mailman secure about it? What are some ways
>  to help avoid any problems?

	It all depends on how secure you want your list to be.  Part of 
the problem is that the more security features of this sort that you 
turn on, the more cumbersome it will be for people to post or 
subscribe to the list, change their address once subscribed, etc....

	You want to strike a balance here between securing your system 
against spoofing and making it too difficult to use.

>  Please explain carefully and with plenty of details as I am still figuring
>  things out.

	I'm not sure how much more I can explain, or precisely which part 
it is that you're most concerned about.

-- 
Brad Knowles, <brad at stop.mail-abuse.org>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

     -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
     Assembly to the Governor, November 11, 1755

  LOPSA member since December 2005.  See <http://www.lopsa.org/>.