Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84; site brl-tgr.ARPA
Path: utzoo!linus!philabs!cmcl2!seismo!brl-tgr!tgr!Hans-Werner_Braun%UMich-MTS.Mailnet@MIT-MULTICS.ARPA
From: Hans-Werner_Braun%UMich-MTS.Mailnet@MIT-MULTICS.ARPA
Newsgroups: net.mail.headers
Subject: SMTP source verification.
Message-ID: <301@brl-tgr.ARPA>
Date: Tue, 30-Jul-85 14:14:48 EDT
Article-I.D.: brl-tgr.301
Posted: Tue Jul 30 14:14:48 1985
Date-Received: Thu, 1-Aug-85 05:00:42 EDT
Sender: news@brl-tgr.ARPA
Lines: 13

Lots  of  people  appear  to  be  thinking  that  a  verification  of IP
addresses, e.g., in the case of SMTP is not necessary.  I  am  not  sure
whether  and  where  this  was  already  discussed before, but I get the
impression that the proliferation of low cost workstations connected to,
say,  campus  computer  networks  might change our minds in two to three
years in an environment where  most  of  the  power  (besides  parts  of
routing)  will  go  to  these hosts. I presume that this will be a newly
evolving problem which could not easily show up so  far.  What  are  the
suggested measures against faked message headers in that case? IP source
verification? Something else? Or is this considered to be no problem  at
all?

            -- Hans-Werner