|
It is relatively easy to impersonate senders when dispatching e-mail. This might result in damage if the recipient considers the information contained in the e-mail to be authentic and binding.
Example:
The commonly used Eudora mail program allows mail with an incorrectly specified sender to be forwarded to a mail server without a password check. If user authentication has not been performed, this mail is only identified as "Unverified" in the field labelled "X-Sender". However, experience has shown that very few recipients pay attention to this. Besides, most mail programs do not include this field in their standard configuration.
© Copyright
by Bundesamt für Sicherheit in der Informationstechnik |
last update: July 1999 |