> SMTP is inherently insecure Not really, even ignoring digital signatures. At least, you can tell the provenance of a message, but not the actual sender, if you know how to read headers.
OTOH, the envelope and header From fields can be trivially spoofed, so never trust them by themselves. -- Shmuel (Seymour J.) Metz http://mason.gmu.edu/~smetz3 ________________________________________ From: IBM Mainframe Discussion List [[email protected]] on behalf of Lionel B Dyck [[email protected]] Sent: Thursday, February 18, 2021 11:45 AM To: [email protected] Subject: Re: XMITIP and ANTI SPOOF message The Anti-Spoof was implemented because of auditors and the ability to turn if off was at the request of one shop who didn't want it. The default is to have it on which is my preference. SMTP is inherently insecure so having it is an aid but not fool proof for all the fools out there 😊 Lionel B. Dyck <sdg>< Website: https://secure-web.cisco.com/1jVQ-alNznXCVXE28JyDU-Z4CtL5MZza6J7y-0o9hE-PguBIrgeyan78far0WhPnxrmA1fZZoFLjZ74GLgV0cAdPh0HwxjNN4cEC15Gal-eGexzvRVEHHooYr3wHyOcaT0vLrytW9GfLBBUCp1QaDB7c2XxuD0GzQwrqnz_Jko-dv06sPZhf7jBvl4Ky4bZUSLUx1kdCM_2c6nI6SGy7hXttcI2Ug_yS2K28xh2dqZuX_VcajP-YZ_2hRQyzZM7oviNJUkgSb-8r5NCSAErMbXP8Tugk1M8bB_-Zp4-VEQUt8sA8WuHx6Rw-QM0w3cfeojEx0XwOKJFeu6Hdar0fQHE8Kz0oiXCz565nmBmpXpEK4nM1-JZ1Lud41zaHS7Sp-HIy2XfJinJYwxxY0G8c74yN2FvLBA_dWBYGBzy8E1aL8_gMUJPUPVbf0jskgs1Ph/https%3A%2F%2Fwww.lbdsoftware.com "Worry more about your character than your reputation. Character is what you are, reputation merely what others think you are." - John Wooden -----Original Message----- From: IBM Mainframe Discussion List <[email protected]> On Behalf Of Lizette Koehler Sent: Thursday, February 18, 2021 10:35 AM To: [email protected] Subject: Re: XMITIP and ANTI SPOOF message Yes it does. Now - is there any valid reason to allow users to turn this off? I would think from a security point of view we would want it left as is. Lizette -----Original Message----- From: IBM Mainframe Discussion List <[email protected]> On Behalf Of Lionel B Dyck Sent: Thursday, February 18, 2021 8:58 AM To: [email protected] Subject: Re: XMITIP and ANTI SPOOF message Look in the XMITIPCU exec: /* -------------------------------------------------- * * Disable_Antispoof: Security awareness option * * Y = enabled (user can disable antispoof) * * anything else = disabled * * -------------------------------------------------- */ disable_antispoof = "N" hope this helps Lionel B. Dyck <sdg>< Website: https://secure-web.cisco.com/1jVQ-alNznXCVXE28JyDU-Z4CtL5MZza6J7y-0o9hE-PguBIrgeyan78far0WhPnxrmA1fZZoFLjZ74GLgV0cAdPh0HwxjNN4cEC15Gal-eGexzvRVEHHooYr3wHyOcaT0vLrytW9GfLBBUCp1QaDB7c2XxuD0GzQwrqnz_Jko-dv06sPZhf7jBvl4Ky4bZUSLUx1kdCM_2c6nI6SGy7hXttcI2Ug_yS2K28xh2dqZuX_VcajP-YZ_2hRQyzZM7oviNJUkgSb-8r5NCSAErMbXP8Tugk1M8bB_-Zp4-VEQUt8sA8WuHx6Rw-QM0w3cfeojEx0XwOKJFeu6Hdar0fQHE8Kz0oiXCz565nmBmpXpEK4nM1-JZ1Lud41zaHS7Sp-HIy2XfJinJYwxxY0G8c74yN2FvLBA_dWBYGBzy8E1aL8_gMUJPUPVbf0jskgs1Ph/https%3A%2F%2Fwww.lbdsoftware.com "Worry more about your character than your reputation. Character is what you are, reputation merely what others think you are." - John Wooden -----Original Message----- From: IBM Mainframe Discussion List <[email protected]> On Behalf Of Lizette Koehler Sent: Thursday, February 18, 2021 9:56 AM To: [email protected] Subject: XMITIP and ANTI SPOOF message I have a user that wants to disable the anti-spoof message generated by XMIT IP The Manual says the installation needs to allow that. Where do I do that? I have been reading the very fine manual Lizette ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
