1995-12-26 - Re: Only accepting e-mail from known parties

Header Data

From: NOT Jonathan Blake <grafolog@netcom.com>
To: cypherpunks@toad.com
Message Hash: 802a03d8624215ea02ec09d692a636360bb2eb804002d4fbcf6e3bc358f56ef4
Message ID: <Pine.SUN.3.91.951224353450.23327E-100000@netcom23>
Reply To: <Pine.SUN.3.91.951225094550.27577E-100000@netcom23>
UTC Datetime: 1995-12-26 00:22:32 UTC
Raw Date: Tue, 26 Dec 1995 08:22:32 +0800

Raw message

From: NOT Jonathan Blake <grafolog@netcom.com>
Date: Tue, 26 Dec 1995 08:22:32 +0800
To: cypherpunks@toad.com
Subject: Re: Only accepting e-mail from known parties
In-Reply-To: <Pine.SUN.3.91.951225094550.27577E-100000@netcom23>
Message-ID: <Pine.SUN.3.91.951224353450.23327E-100000@netcom23>
MIME-Version: 1.0
Content-Type: text/plain


(No, this is not Jonathan Blake; see .sig below :)

Jonathan Blake <grafolog@netcom.com> writes:
> 	When I get the bugs out of the procmail script I'm
> 	writing, to accomplish this, I'll send it to you.

I'd be very interested. I may even use it, if it works. :)
I like Adam Shostak's suggestion regarding caching hashes of signed
portions of incoming e-mail.
If the filter is going to keep track of e-mail history, then another possible
useful feature would be to limit the number of e-mails accepted from a given
party (even distinict). "You mail is being returned to you because you're
only authorized to send 10 e-mails here in a 24-hour period". Heh.

> 	However, won['t most messages have the name of the intended
> 	recipient inside the PGP signature lines?

Not necessarily. Most e-mails say something like "Dear Alice," but not all.
I wish the important headers were included in the signed portion.

Here's another variant of the same attack:

Bob sends Alice a PGP-signed e-mail. Alice posts a Usenet forgery, making
it look like it came from Bob, and using the same PGP-signed body.

> > Alice _may_ notice that the _Received:_ headers are weird, but this
> > forgery will certainly pass through a script that checks signatures.
>
> 	I'll have to give this some thought.  Have the script
> 	match the from id, with the message id.  << Not sure
> 	how I can do this one, yet.  >>

It's a piece of cake to forge the message-id to match the forged "From:".
In fact, I'll do just that in this article, and I bet it'll take me
less than a minute. Besides, your message-id doesn't match your host. :)

I'm off to teach C++ now. (Yes, on Xmas)

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps





Thread