kodegenos
asked on
How to verify Lotus Notes Sender
I would like to know whether there is any way to verify the sender for Lotus Notes.
One of my client's Lotus Notes email address has been spoofed by someone, so they are looking for a way in Lotus Notes to protect this situation to happen again. For instance, whether there is a way to authenticate both the user id and lotus notes email address together?
Thank you for any advice.
One of my client's Lotus Notes email address has been spoofed by someone, so they are looking for a way in Lotus Notes to protect this situation to happen again. For instance, whether there is a way to authenticate both the user id and lotus notes email address together?
Thank you for any advice.
What do you mean, it has been spoofed ?
Over the internet (smtp), or over Notes - to - Notes (nrpc) trafic ?
I think sjef means the sender can 'sign' his message, to allow the receiver to verify this. This only works for Notes-to-Notes email ...
Tom
Over the internet (smtp), or over Notes - to - Notes (nrpc) trafic ?
I think sjef means the sender can 'sign' his message, to allow the receiver to verify this. This only works for Notes-to-Notes email ...
Tom
The new virus does spoof the sender names there is nothing you can do about it except do a virus check and delete any potential virus attachments..
~Hemanth
~Hemanth
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for everyone reply.
I get to know that Lotus Notes require a user to authenticate to the server with a correct address and password before they can send email. What do they mean by the correct address? Do they mean they need their own address to send mail? eg. user id is kgoh, and the user must use kgoh@mydomain.com to send email? How about if they use othername@mydomain.com to send as user id 'kgoh'?
I get to know that Lotus Notes require a user to authenticate to the server with a correct address and password before they can send email. What do they mean by the correct address? Do they mean they need their own address to send mail? eg. user id is kgoh, and the user must use kgoh@mydomain.com to send email? How about if they use othername@mydomain.com to send as user id 'kgoh'?
If you mean that someone send a message over the internet containing a virus, that appears to come from you (kgoh@mydomain.com), and you now get all the alert messages from various antivirus engines, you can't do anything about that.
That has nothing to do with Notes - any idiot with a networkconnection can send an email that appears to come from you.
Try it yourself : telnet to port 25 on your smtp server , and start sending away , impersonating every user you want .... (actually, if you set your smtp server correctly, you'll need to use a from address from within your domain, but on the internet, you can do what you want ... you'll get the idea)
telnet mail.yourmailserver.com 25
| Out: 220 mail.yourmailserver.com Ready for action (whatever/SMTP)
| In: helo mail.yourmailserver.com
| Out: 250 hodgsonfamily.org
| In: mail from: <WHOEVER@WHATEVER.COM>
| Out: 250 receiving from WHOEVER@WHATEVER.COM
| In: rcpt to: <testaddress@yourmailserve
| Out: 250 will send to testaddress@yourmailserver
| In: data
| Out: 354 send the message, terminate with "."
| In: from: SPAMMER <WHOEVER@WHATEVER.COM>
| In: To: <testaddress@yourmailserve
| In: Subject: Telnet test 1
| In: TEST
| In: .
| Out: 250 received the message, thanks
| In: rset
| Out: 250 clearing sender and recipient list, go ahead
| In: quit
| Out: 221 have a nice day (SMTP Closing)
That has nothing to do with Notes - any idiot with a networkconnection can send an email that appears to come from you.
Try it yourself : telnet to port 25 on your smtp server , and start sending away , impersonating every user you want .... (actually, if you set your smtp server correctly, you'll need to use a from address from within your domain, but on the internet, you can do what you want ... you'll get the idea)
telnet mail.yourmailserver.com 25
| Out: 220 mail.yourmailserver.com Ready for action (whatever/SMTP)
| In: helo mail.yourmailserver.com
| Out: 250 hodgsonfamily.org
| In: mail from: <WHOEVER@WHATEVER.COM>
| Out: 250 receiving from WHOEVER@WHATEVER.COM
| In: rcpt to: <testaddress@yourmailserve
| Out: 250 will send to testaddress@yourmailserver
| In: data
| Out: 354 send the message, terminate with "."
| In: from: SPAMMER <WHOEVER@WHATEVER.COM>
| In: To: <testaddress@yourmailserve
| In: Subject: Telnet test 1
| In: TEST
| In: .
| Out: 250 received the message, thanks
| In: rset
| Out: 250 clearing sender and recipient list, go ahead
| In: quit
| Out: 221 have a nice day (SMTP Closing)
Bozzie is correct about SMTP. It is also possible internally, though the user would have to be pretty sophisticated to avoid all detection.
kodegenos,
FYI, it has nothing to do with the Notes user's internet adddress. It is the "user name" embedded in the user.id file, which generally matches a Full Name in the server names.nsf. The authenication uses Public Key Cryptography to verify identity. It is rather complicated.
FYI, it has nothing to do with the Notes user's internet adddress. It is the "user name" embedded in the user.id file, which generally matches a Full Name in the server names.nsf. The authenication uses Public Key Cryptography to verify identity. It is rather complicated.
In Notes the sender can add his signature, so the receiver can see that it really was the sender who sent the mail.
Cheers!
Sjef