Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 274
  • Last Modified:

Query regarding message spoofing

Hi

We seem to be receiving a lot of SPAM mail, particularly messages that are spoofed.

They have the characteristics;

From: SPOOFED
Return-Path: SPOOFED
Message-ID: #####@servername.com

Couple of questions I was hoping someone could help me with;

a) I understand it is quite possible to spoof the FROM:, but can the Return-Path (i.e. MAIL FROM:) be spoofed as well?

b) Can the source IP address of the mails be spoofed?

c) Can the Message-ID servername be spoofed?

Hope someone can help!
0
kam_uk
Asked:
kam_uk
1 Solution
 
PsiCopCommented:
a) Yes. "Return-path" is just another message header. It is easy to spoof as any other message header, like "From"

b) Yes and no. Yes, the spammer may include spoofed headers with false or misleading IP information. No, in that when YOUR mail server adds a "Received: from" header, it will have accurate IP information for the host that connected to it.

c) Yes. Just like "Return-path", it's just another message header.
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now