Mail Archives: djgpp/1997/09/29/19:46:28
Russ Williams wrote:
> Yes, but why is he appearing as 'unknown@'? Surely that should record
> the username of whoever's logged into the dial-up... Then again, most
> ISPs constantly seem to have problems with their software, so it could
> be a "// TODO: implement me!" job. ;)
I've seen two common instances of "unknown" in mail:
1) Send a message with a fake "from" header through a mail
repeater to an address that is known to not exist. The bounce-
back, if configured to not encapsulate in an error message, sends
the unchanged message back to the "from" contents. Netscape mail
does this quite well, but it's rare.
2) Hack up a text file formatted to appear as a mail message
(via any un-intelligent mailer or even text editor) and write it
to the mail port of any host that hasn't applied the maild() patch
for this very loophole. The message goes with the contents of the
fake header provided the mail deamon doesn't check it first. Even
easier if you have access to the deamon and associated socket.
The first is usually a mistake, and any class-A idiot with root
on their linux or bsd box and a little admin knowledge can do the
second. For that matter, there's a slew of methods using RCP or
UDB utilities provided the first host to receive doesn't backtrack,
check sender, require a local account, etc. Easily half of the
boxes compliant with early sunos 4.1 and back fit that bill.
--
Sincerely,
Owen LaGarde
CEWES HPC MSRC
Customer Support
800-500-4722
info-hpc AT wes DOT hpc DOT mil
"If I can do it, any idiot can." -- Me
- Raw text -