[ILUG-BOM] mail system queries-2

Philip S Tellis philip.tellis@[EMAIL-PROTECTED]
Thu Oct 4 11:43:02 IST 2001


On Tue, 2 Oct 2001, abhijeet wrote:

> 1.> If the mail server doesn't check who i am when accepting a message for
>     delivery......doesn't that mean that anybody could use somebody else's
>     mail id to send mail????

Yes.  Try it and see.  That's how spammers send you mail, that's how
email is forged, that's the reason why you should digitally sign your
emails with a PGP/GPG signature that only you have.

>     wouldn't that be a security loophole.....i mean its pretty
>     harmless...but it means i could use some other mail id for
>     unsolicited mail????

Isn't this already being done?  Don't you receive spam?

>     any method of avoiding this???

Some strict settings on the mail server, but they could annoy legitimate
users.  Remember how we all reacted when vsnl blocked non-vsnl users
from sending mail.

Basically, don't allow relay from any address not in your domain, unless
the destination address is in your domain.  This could be fixed by
having your users' smtp server different from your actual mailhost - the
one with the MX entry in your DNS.

Check the IP of the source host.  Don't allow relay from any host that
doesn't have a DNS entry, and isn't from your IP pool.

> 3.> about my yahoo inbox....here's the complete interaction:-
>     (rather what i thought was relevant......)
> fetchmail: POP3< +OK password required.
> fetchmail: POP3> PASS *
> fetchmail: POP3< +OK maildrop ready, 1 message (9625 octets) (446 6291456)
> fetchmail: selecting or re-polling default folder
> fetchmail: POP3> STAT
> fetchmail: POP3< +OK 1 9625
> fetchmail: POP3> LAST
> fetchmail: POP3< +OK 1
> 1 message (1 seen) for innovativecrap at pop.vip.sc5.yahoo.com (9625 octets).
> fetchmail: POP3> LIST
> fetchmail: POP3< +OK 1 message (9625 octets)
> fetchmail: POP3< 1 9625
> fetchmail: POP3< .
> skipping message 1 not flushed
> fetchmail: POP3> QUIT
> fetchmail: POP3< +OK server signing off.
> fetchmail: not swapping UID lists, no UIDs seen this query
> fetchmail: Query status=1 (NOMAIL)        <<<<<what does that mean????
> fetchmail: Deleting fetchids file.
> fetchmail: normal termination, status 1
> fetchmail: Deleting fetchids file.
>     (i did a fetchmail -v -v)
> well any idea what's up??????

Exactly what's supposed to happen.  You haven't told fetchmail to fetch
all mails, so it only tries to fetch new mails.  The one mail that is
still on the server has already been read (LAST returns 1), so it isn't
downloaded or deleted (see the line that says 1 message (1 seen)).

Query status=1 (NOMAIL)

What does it sound like?  Check the man page for return values of
fetchmail.

Philip

-- 
Repel them.  Repel them.  Induce them to relinquish the spheroid.
- Indiana University fans' chant for their perennially bad football team


Visit my webpage at http://www.ncst.ernet.in/~philip/
Read my writings at http://www.ncst.ernet.in/~philip/writings/

  MSN  philiptellis                         Yahoo!  philiptellis
  AIM  philiptellis                         ICQ     129711328




More information about the Linuxers mailing list