Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!watmath!clyde!cbatt!ihnp4!qantel!lll-lcc!lll-crg!seismo!columbia!caip!brl-adm!brl-smoke!smoke!SRA@mit-xx.ARPA
From: SRA@mit-xx.ARPA (Rob Austein)
Newsgroups: net.mail.headers
Subject: Can a user "prod" a remote host?
Message-ID: <4187@brl-smoke.ARPA>
Date: Fri, 26-Sep-86 16:10:18 EDT
Article-I.D.: brl-smok.4187
Posted: Fri Sep 26 16:10:18 1986
Date-Received: Tue, 30-Sep-86 19:26:32 EDT
Sender: news@brl-smoke.ARPA
Lines: 25

    Date: Friday, 26 September 1986 11:19-EDT
    From: jordan@ucbarpa.Berkeley.EDU (Jordan M. Hayes)

    Yes, but I think the main reason this has never been implemented
    is for security reasons ... I could find a machine that does a lot
    of queueing on a regular basis (ucbvax for one queues a lot, since
    the load is usually above the "safe" threshold for sendmail to run
    to completion) and telnet to port 25 on your machine and issue a
    TURN and I steal all the mail headed for that machine ... not
    _too_ cool ...

Um, yeah. So you'd want to look up the name from the HELO and check
that the foreign address you were talking to corresponded. Except
that here in the future somebody could get their domain server to lie
for them. Mumble. So you'd have to do a reverse (IN-ADDR) lookup too
to verify the address (assuming that you aren't dealing with somebody
smart enough to forge IP addresses or corrupt your resolver, but if
they can do that you might as well give up, you lose anyway).

That does limit the usefulness some, since traditionally SMTP
listeners will accept almost anything in the HELO. On the other hand,
it doesn't bite you until you use TURN, and it'd give people a motive
to set up the IN-ADDR data correctly (a pet peeve).

--Rob
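
The check described in the reply above, as an added example that is not part of the original post: a listener honors TURN only when the HELO name resolves to the peer's address and the peer's IN-ADDR data names that same host. The function names, the injectable resolver parameters and the zone data are hypothetical; the addresses are constructed documentation addresses.

```python
import socket

def dns_forward(name):
    """A lookup via the system resolver: IPv4 addresses for name."""
    try:
        return {ai[4][0] for ai in socket.getaddrinfo(name, None, socket.AF_INET)}
    except socket.gaierror:
        return set()

def dns_reverse(addr):
    """IN-ADDR (PTR) lookup via the system resolver: names for addr."""
    try:
        host, aliases, _ = socket.gethostbyaddr(addr)
        return {host, *aliases}
    except (socket.herror, socket.gaierror):
        return set()

def _norm(name):
    # Host names compare case-insensitively; drop a trailing root dot.
    return name.strip().rstrip(".").lower()

def may_honor_turn(helo, peer_addr, forward=dns_forward, reverse=dns_reverse):
    """Return (allowed, reason) for a TURN from peer_addr that sent `HELO helo`."""
    claimed = _norm(helo)
    if peer_addr not in forward(claimed):
        return False, "HELO name does not resolve to the peer address"
    if claimed not in {_norm(n) for n in reverse(peer_addr)}:
        return False, "IN-ADDR data for the peer does not name the HELO host"
    return True, "forward and reverse lookups agree"

# Constructed zone data standing in for DNS (assumption, not real hosts).
A_RECORDS = {
    "mail.example.org": {"192.0.2.10"},
    "relay.example.net": {"198.51.100.7"},  # A record exists, no PTR set up
}
PTR_RECORDS = {
    "192.0.2.10": {"mail.example.org."},
    "203.0.113.5": {"mail.example.org"},    # PTR names a host whose A record disagrees
}

def demo():
    """Run three constructed sessions against the constructed zone data."""
    fwd = lambda n: A_RECORDS.get(n, set())
    rev = lambda a: PTR_RECORDS.get(a, set())
    sessions = [("MAIL.Example.ORG", "192.0.2.10"), ("mail.example.org", "203.0.113.5"),
                ("relay.example.net", "198.51.100.7")]
    return [may_honor_turn(h, a, fwd, rev) for h, a in sessions]

if __name__ == "__main__":
    for allowed, reason in demo():
        print("TURN accepted" if allowed else "TURN refused", "-", reason)
```

The third session shows the cost mentioned in the reply: a legitimate host whose IN-ADDR data was never set up is refused until it is.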