[okfn-help] Fwd: Help! I'm in trouble!

Nils Toedtmann nils.toedtmann at okfn.org
Wed Nov 23 10:22:22 UTC 2011


On 23/11/11 10:45, elf Pavlik wrote:
> Excerpts from Daniel Dietrich's message of 2011-11-23 08:25:01 +0000:
>> Are we hacked?
>>
>> ---------- Forwarded message ----------
>> From:  <Jeannette at okfn.org>
[...]
> 
> If you worry about email 'From' claiming account on okfn.org don't worry to much. AFAIK one can set those headers very easily to anything as described in this forum thread:
> http://www.emaildiscussions.com/showthread.php?threadid=15009

EP is right, "From:" is like most mail headers a free field which the
sender can fill with anything. It's quite common that scammers use the
domain of the destination as "From:" domain as well.

Do not trust a mail's origin unless it's signed.


> Someone who has access to our mail server could check if okfn.org actually relied this email, most likely it originates from some bogus spamming server.

Usually one can already tell from a mail's "Received:" headers whether
it was sent through our systems.


> On the other hand we may all consider starting signing our emails with PGP, I still don't do it myself and feel bit ashamed of this quite irresponsible way of communicating. Maybe we do one day online workshop on setting up GPG and using it to signing emails?

+1

/nils.


-- 
See http://nils.toedtmann.net/ for contact details.




More information about the okfn-help mailing list