Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

How mailx -r works?

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting How mailx -r works?
# 1  
Old 07-15-2013
Question How mailx -r works?
I'm using Sun Solaris.
I used mailx -r "MyEmailId" -s "sub" "toEmailID" from my unix id and it worked.
But when i run the same script from other's unix id it works as well. mean any one in my environment can mail to other's email without my knowledge.
My questions are
  1. How it works and why it doesn't ask for authentication?
  2. Does it works for public emails (eg:gmail,yahoo etc) as well?
  3. Where and what one should implement security check to stop this?
# 2  
Old 07-15-2013
First, you have to distinguish between mail as a (network) protocol and the means (clients, servers, MTAs, ...) to use this protocol.

The mail protocol - SMTP - allows to send messages with any name as sender. As "mailx" is a very basic client it does nothing to authenticate a user at all, so: yes, in the way you presented it it would be possible to send mail using any arbitrary mail address as sender. Yes, this would work for other email addresses too, provided that your mail server (more precisely: mail transfer agent, MTA) is set up this way. In fact this is the way professional spammers work: by setting up a MTA of their own and configuring it in a sufficiently crooked way.

This is the reason why you should not trust incoming mail (solely) based on the mail address of the sender: because this could be forged.

Now, in a common setup the MTA would not allow to send mail with an arbitrary sender address and/or has rules to rewrite address information when handling mail messages. Your MTA (probably "sendmail") is perhaps set up only rudimentary to allow sending diagnostic information via mail to the admins. This is not uncommon: if a filesystem becomes nearly full or a similar condition takes place the server might generate a mail message to the admin(s). For this the MTA is installed and set up with minimal effort. This does not automatically mean it could send mail anywhere outside the companies network. If so: this is a security deficit and should be taken care of.

I hope this helps.

bakunin
This User Gave Thanks to bakunin For This Post:
kg_gaurav
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

How the below command works?

hi, can any one explain the below command. run it and see and if you understand please tell me. File=s1_abc.txt.xls.pdf MOD_File=$(echo ${File%.*}_`date +%Y%m%d_%H%M%S%N`.${File##*.}) i asked somedays before and got the above code. i needed to add date time stamp just before the last... (2 Replies)
Discussion started by: Little
2 Replies

2. UNIX for Advanced & Expert Users

How this works?

I have a program............ #include<stdio.h> #include<unistd.h> main() { if(fork == 0) { printf("Hi every body:p!!!!!!!!!!"); } } This program works with out any error. here fork is not a system call. It just act as a variable.But how it works without declaring it? What data type it... (19 Replies)
Discussion started by: carolsanjeevi
19 Replies

3. Shell Programming and Scripting

Mailx: How to send a attachment using mailx command

Hi All, Can anyone please provide the command for sending an mail with attachment using mailx command. Thanks in Advance :) Regards, Siram. (3 Replies)
Discussion started by: Sriram.Vedula53
3 Replies

4. UNIX for Dummies Questions & Answers

>./a.pl works, >a.pl - does not

When I try to execute script, I get message: >aa.pl zsh: command not found: aa.pl but >./aa.pl works OK. What to change in environment to force the former way to work? Thank you, Alex Z (4 Replies)
Discussion started by: zzol
4 Replies

5. Solaris

how inode works

HI, Just another dummies questions: How i can determine what number of inode to use when creating filesystem? Thanks (4 Replies)
Discussion started by: lamoul
4 Replies

6. Programming

how this works?

pls explain me how this works.... DECODE (SUBSTR (field, 1, 1),'''', '''''' || field || '''','''' || field || '''') here field is a column in an oracle table.... (7 Replies)
Discussion started by: vijay_0209
7 Replies

7. UNIX for Dummies Questions & Answers

How ls | wc -l works?

ls displays files in tabbed output. Say a directory contains 3 files. ls will list all 3 in one line. So, I expect ls | wc -l to give 1, but it counts the nr of files and gives 3. Can someone explain how this works? (3 Replies)
Discussion started by: krishmaths
3 Replies

8. UNIX for Dummies Questions & Answers

mailx error message : mailx: NUL changed to @

If I use the "Mail" link instead of the "mail" link to ../mailx I get this error. Mail so-n-so @whatever.com mailx: NUL changed to @ Unknown command: "postmaster" The email still goes through but i get the error. If I use "mail" it goes thru without the error. Any ideas?? (2 Replies)
Discussion started by: BG_JrAdmin
2 Replies

9. Shell Programming and Scripting

Anyone know how cksum works?

hello all. I'm not asking about the algorithm - or how it goes about computing the checksum - I'm asking how it views/looks at the files it does the cksum on. For instance: Say you had a directory named "dir_A" And within this directory you had some files. So: dir_A - file1 -... (5 Replies)
Discussion started by: kapolani
5 Replies

10. UNIX for Dummies Questions & Answers

how sendmail works

Excuse me for this question really for dummies! I would like to know how sendmail works, obviously even in few words. If it uses a mail server or relay to send mail, if there is some check that sendmail makes to the from address and so on... Thank you very much. (3 Replies)
Discussion started by: alzep
3 Replies
Login or Register to Ask a Question