.TH forgeries 7.SH "NAME"forgeries \- how easy it is to forge mail.SH "SUMMARY"An electronic mail message can easily be forged.Almost everything in it,including the return address,is completely under the control of the sender.An electronic mail message can be manually traced to its originif (1) all system administrators of intermediate machinesare both cooperative and competent,(2) the sender did not break low-level TCP/IP security,and(3) all intermediate machines are secure.Users of.I cryptographycan automatically ensure the integrity and secrecyof their mail messages, as long asthe sending and receiving machines are secure..SH "FORGERIES"Like postal mail,electronic mail can be created entirely at the whim of the sender..BR From ,.BR Sender ,.BR Return-Path ,and.BR Message-IDcan all contain whatever information the sender wants.For example, if you inject a message through.B sendmailor.B qmail-injector.BR SMTP ,you can simply type in a.B Fromfield.In fact,.B qmail-injectlets you set up.BR MAILUSER ,.BR MAILHOST ,and.B MAILNAMEenvironment variablesto produce your desired.B Fromfield on every message..SH "TRACING FORGERIES"Like postal mail,electronic mail is postmarked when it is sent.Each machine that receives an electronic mail messageadds a.B Receivedline to the top.A modern.B Receivedline contains quite a bit of information.In conjunction with the machine's logs,it lets a competent system administratordetermine where the machine received the message from,as long as the sender did not break low-level TCP/IP securityor security on that machine.Large multi-user machines often come with inadequate logging software.Fortunately, a system administrator can easily obtain a copy of a931/1413/Ident/TAP server, such as.BR pidentd .Unfortunately,some system administrators fail to do this,and are thus unable to figure out which local userwas responsible for generating a message.If all intermediate system administrators are competent,and the sender did not break machine security or low-level TCP/IP security,it is possible to trace a message backwards.Unfortunately, some traces are stymied by intermediate systemadministrators who are uncooperative or untrustworthy..SH "CRYPTOGRAPHY"The sender of a mail message may place his message into a.I cryptographicenvelope stamped with his seal.Strong cryptography guarantees that any two messages with the same sealwere sent by the same cryptographic entity:perhaps a single person, perhaps a group of cooperating people,but in any case somebody who knows a secret originally heldonly by the creator of the seal.The seal is called a.I public key\fR.Unfortunately, the creator of the seal is often an insecure machine,or an untrustworthy central agency,but most of the time seals are kept secure.One popular cryptographic program is.BR pgp ..SH "SEE ALSO"pgp(1),identd(8),qmail-header(8)