Only accepting e-mail from known parties
NOT Jonathan Blake
grafolog at netcom.com
Mon Dec 25 16:22:32 PST 1995
(No, this is not Jonathan Blake; see .sig below :)
Jonathan Blake <grafolog at netcom.com> writes:
> When I get the bugs out of the procmail script I'm
> writing, to accomplish this, I'll send it to you.
I'd be very interested. I may even use it, if it works. :)
I like Adam Shostak's suggestion regarding caching hashes of signed
portions of incoming e-mail.
If the filter is going to keep track of e-mail history, then another possible
useful feature would be to limit the number of e-mails accepted from a given
party (even distinict). "You mail is being returned to you because you're
only authorized to send 10 e-mails here in a 24-hour period". Heh.
> However, won['t most messages have the name of the intended
> recipient inside the PGP signature lines?
Not necessarily. Most e-mails say something like "Dear Alice," but not all.
I wish the important headers were included in the signed portion.
Here's another variant of the same attack:
Bob sends Alice a PGP-signed e-mail. Alice posts a Usenet forgery, making
it look like it came from Bob, and using the same PGP-signed body.
> > Alice _may_ notice that the _Received:_ headers are weird, but this
> > forgery will certainly pass through a script that checks signatures.
> I'll have to give this some thought. Have the script
> match the from id, with the message id. << Not sure
> how I can do this one, yet. >>
It's a piece of cake to forge the message-id to match the forged "From:".
In fact, I'll do just that in this article, and I bet it'll take me
less than a minute. Besides, your message-id doesn't match your host. :)
I'm off to teach C++ now. (Yes, on Xmas)
Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
More information about the cypherpunks-legacy