Sender Validation ImpersonationRepudiation

Popularity:

7

Simplicity:

5

Impact:

7

Risk Rating:

6

Given the distributed nature of email, sometimes it is really important to be sure the sender is really who he or she says or even if the message being received is authentic. Even though email is not a reliable or secure way to give out important instructions, many people do so, for example, invest $1M in that stock, fire John Doe because of So adding another authentication level at the user level or MUA that enables the user to perform such verification is important.

Trying to authenticate your messages using new features in the email infrastructure itself can be avoided if you have ways to validate the sender (as in the person/program sending the message) using some additional metadata in the email body. Cryptographically signing (or even encrypting) the message (just like DomainKeys does for the headers and body), using your MUA is an effective technique that completely bypasses the need for built-in authentication in your MTA infrastructure.

Was this article helpful?

0 0
The Ultimate Computer Repair Guide

The Ultimate Computer Repair Guide

Read how to maintain and repair any desktop and laptop computer. This Ebook has articles with photos and videos that show detailed step by step pc repair and maintenance procedures. There are many links to online videos that explain how you can build, maintain, speed up, clean, and repair your computer yourself. Put the money that you were going to pay the PC Tech in your own pocket.

Get My Free Ebook


Post a comment