Sunday, August 2, 2009

Faking an email sender address

It's been a while since I last blogged, been busy...

It is a pretty well-known fact that the SMTP protocol is very insecure and that it is easy to spoof and fake email messages. Today I encountered a legitimate use case.

Imagine you have an email account where you keep all your stuff for archiving purposes (what? you don't keep your inbox at 0 messages?!) and let's say one day you accidentally remove all your messages. Alternatively, your service provider (SP) may have gone belly up.

Fortunately, you made a backup, so you have all your emails sitting safely on your local HD. But now your email is fragmented: everything you received until today is stored on your HD, and anything new will arrive at your actual email account. That is a pain when you want to run a global search for an email you can't quite remember when you received.

So you could resend all those emails from the backup to your mail account, but then they would all seem to originate from the same source - you!

That's a lot of information lost. In this case it would be better to keep the original sender. Here's an example of how to achieve this with ssmtp (a lightweight MTA).

Make sure you've configured it to look for the From: address in the actual message text. In /etc/ssmtp/ssmtp.conf you should have:
FromLineOverride=YES

You also need to configure a mailhub for ssmtp to work, obviously:
mailhub=mailserver.corp.foo.bar

Now run ssmtp through its sendmail wrapper, typing the message on stdin and terminating it with EOF (Ctrl-D); note the empty line that separates the headers from the body (you'd probably want to script this to mass-mail your backup):
# sendmail me@mail.corp.foo.bar
From: someone@somewhere.com
To: me@mail.corp.foo.bar
Subject: Fake from field

I've sent this with a fake from field using ssmtp.
[EOF]

Note that the From: address (someone@somewhere.com) has nothing to do with the account you are actually sending from in the current session, so the email will appear to originate from the original sender. Pay attention that ssmtp seems to look for exactly 'From:' (case-sensitive).

I haven't tried it, but the same principle should also work to preserve the original date of the email.
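As an added example (not the original post's code), here is a Python script for the "mass mailing your backup" part: it reads messages from an mbox backup, re-spells the header as exactly 'From:' for ssmtp's case-sensitive match, passes the Date: header through untouched, and pipes each message to ssmtp's sendmail wrapper with your own address as the only recipient. The sendmail path and the two sample messages are assumptions.

```python
import mailbox
import subprocess
from email import message_from_string
from email.message import Message

# ssmtp installs a sendmail-compatible wrapper; this path is an assumption for the example.
SENDMAIL = "/usr/sbin/sendmail"

# Constructed sample messages as they might sit in an mbox backup (lowercase 'from:' on purpose).
SAMPLES = [
    "from: someone@somewhere.com\nTo: me@mail.corp.foo.bar\n"
    "Date: Thu, 02 Jul 2009 10:15:00 +0200\nSubject: old message\n\nBody of the first archived mail.\n",
    "From: friend@example.org\nTo: me@mail.corp.foo.bar\n"
    "Date: Fri, 03 Jul 2009 09:00:00 +0200\nSubject: another one\n\nSecond body.\n",
]

def parse_message(text: str) -> Message:
    """Parse one RFC 5322 message from text (used here for the constructed samples)."""
    return message_from_string(text)

def prepare_message(msg: Message) -> bytes:
    """Return the message as sendmail reads it on stdin: headers, a blank line, then the body.
    From: and Date: pass through unchanged, except that From: is re-added so the header name
    is spelled exactly 'From:', which is what ssmtp's FromLineOverride looks for."""
    sender = msg.get("From")
    if sender is None:
        raise ValueError("message has no From: header to preserve")
    del msg["From"]       # drops any 'from:' / 'FROM:' spelling (lookup is case-insensitive)
    msg["From"] = sender  # re-added with the capitalisation ssmtp matches
    return msg.as_bytes()

def reinject(messages, recipient: str, send=None) -> int:
    """Hand each message to sendmail addressed to `recipient` only; returns the count handed over.
    The recipient goes on the command line on purpose: `sendmail -t` would instead deliver to
    whatever old To:/Cc: addresses the archived headers still carry."""
    sent = 0
    for msg in messages:
        data = prepare_message(msg)
        if send is None:
            subprocess.run([SENDMAIL, recipient], input=data, check=True)
        else:
            send(recipient, data)  # injectable for dry runs and tests
        sent += 1
    return sent

def reinject_mbox(mbox_path: str, recipient: str, send=None) -> int:
    """Same as reinject(), reading the messages from an mbox backup file."""
    return reinject(mailbox.mbox(mbox_path), recipient, send)
```

Call reinject_mbox('backup.mbox', 'me@mail.corp.foo.bar') to send for real, or pass a send callable to dry-run. Only the message header is rewritten; the mailhub still relays under its own identity, so a receiving server that checks SPF or DMARC for the original sender's domain may still flag the resent mail.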
