• >>
  • >>
  • Mail Policy
Mobile Access
Desktop Access
Resources
Prevention of Email Spoofing in Mithi Connect Xf
Email Spoofing|Cause|Solution
Email Spoofing
Email spoofing may occur in different forms, but all have a similar result: a user receives an email that appears to have originated from one source when it actually was sent from another source. Email spoofing is often an attempt to trick the user into making a damaging statement or releasing sensitive information (such as passwords).

Examples of spoofed email that could affect the security of your site include:
  • Email claiming to be from a system administrator requesting users to change their passwords to a specified string and threatening to suspend their account if they do not do this .
  • Email claiming to be from a person in authority requesting users to send them a copy of a password file or other sensitive information.
Email spoofing can be done by one of the valid users on a domain or users on external domains.
Cause
The basic SMTP protocol does not provide a mechanism to authenticate users. Since mail envelope addresses are so easy to fake, you can't know who is sending mail to your server unless you have a reliable means to authenticate clients. To allow mail relay on your server, you need assurance that senders are who they claim to be as you cannot rely on the sender's email address as identification.
Solution
Prevention of spoofing by users on the same domain
Mithi Connect Xf is by default configured to accept only authenticated SMTP. SMTP authentication along with the capability of rejecting SMTP connections with sender login mismatch ensures that within a domain, a user cannot masquerade as another without explicit permission.
A user can send mail either using a desktop email client such as Outlook/Thunderbird or via the web mail client.


Click on the image to Enlarge.

When an SMTP connection is made from the desktop email client to the mail server, the server requests for the user credentials. These include the login id and password. These credentials are maintained by the client and communicated to the server over secure protocols. On receipt of the credentials, the server ensures:
  • That the user is a valid user for the domain and the entry is found in the domain directories.
  • The password supplied matches with the password in the server.
  • The From id of the MIME (the format is which a mail is transferred) matches the user id given in the credentials.
If any of these tests fail, then the mail is rejected.
A user connecting to the server using telnet access to the port 25 used for SMTP will also need to supply the credentials before the SMTP transaction is completed.

 

Product

Email Solutions

Resources

Support

Try Now

Company