End of the road for SMTP?

By on August 2, 2003, 3:59 AM
The protocol that has defined e-mail for more than two decades may have a fatal flaw: It trusts you.

SMTP makes that assumption because it doesn't suspect that you're sending a Trojan horse virus, that you're making fraudulent pleas for money from the relations of deposed African dictators, or that you're hijacking somebody else's computer to send tens of millions of ads for herbal Viagra.

Read more: [URL=http://news.com.com/2100-1038_3-5058610.html?tag=fd_lede1_hed]CNet News[/URL].

User Comments: 2

Got something to say? Post a comment
Phantasm66 said:
SMTP is wide open. You can telnet to the SMTP port on a any server that's running it and without a password start to tell it what to do. You can spoof e-mail messages from any source address you like, and with some work you can spoof the originating IP address as well.The fact that it is so wide open is, as Julio has pointed out, responsible for a lot of spam on the net. If we got rid of SMTP, things would improve.
Phantasm66 said:
Same goes for FTP and PAP. These things were invented when the internet was a much smaller and more trustworthy place. If it had remained in the hands of scientists, academics and technicians then it would have been fine. But now the internet is exposed to untrusted parties. Anything that's not secure is rubbish.
Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.