Cisco Email Security Appliance X1050 White Paper

© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. 
Page 4 of 22 
Anatomy of a Forged Message and Its SMTP Details 
The structure of the message in Figure 2 is very similar to our first variant in Figure 1. Both are examples of 
Envelope From abuse. The Envelope From field, shown below in the Simple Mail Transfer Protocol (SMTP) 
connection, is illegally using the domain name alpha.com. Envelope From abuse is easily remediated with sender 
verification, discussed later. But the problem is that sender verification checks only the SMTP envelope portion 
shown in Figure 2. The harder-to-detect spoofs introduced earlier (From abuse, cousin domain abuse, and free 
email account abuse) all have legal SMTP envelope portions, but the body portions of the message are designed 
to deceive the recipient. These two portions do not have to agree. In fact, there are legitimate external mailing lists 
in which they may not.
Figure 2.    SMTP Envelope and Body of Envelope From Abuse
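
The envelope/body split described above, as an added example that is not part of the Cisco white paper: it pulls the Envelope From out of the SMTP dialogue and the From header out of the message, then compares their domains. The two sessions are constructed, and the `.example` domains, the function names, and the use of `List-Id` as a mailing-list hint are assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed client-side SMTP sessions (reserved .example domains, not real traffic).
SPOOF = """HELO mail.beta.example
MAIL FROM:<promo@beta.example>
RCPT TO:<user@alpha.example>
DATA
From: "Alpha Payroll" <payroll@alpha.example>
To: user@alpha.example
Subject: Updated bank details

Please review the attached form.
.
"""
LIST = SPOOF.replace("promo@beta.example", "bounces@lists.example").replace(
    "Subject:", "List-Id: <dev.lists.example>\nSubject:")


def split_session(transcript):
    """Return (envelope_from, message_text) from the client side of a session."""
    envelope_from, message, in_data = "", [], False
    for line in transcript.strip().splitlines():
        if in_data:
            if line == ".":  # end-of-data marker
                break
            message.append(line[1:] if line.startswith(".") else line)  # undo dot-stuffing
        elif (m := re.match(r"MAIL FROM:\s*<([^>]*)>", line, re.IGNORECASE)):
            envelope_from = m.group(1)
        elif line.strip().upper() == "DATA":
            in_data = True
    return envelope_from, "\n".join(message)


def compare_identities(transcript):
    """Compare the domain sender verification sees with the one the recipient sees."""
    envelope_from, text = split_session(transcript)
    msg = message_from_string(text)
    display_name, header_from = parseaddr(msg.get("From", ""))
    env_dom = envelope_from.rpartition("@")[2].lower()
    hdr_dom = header_from.rpartition("@")[2].lower()
    return {
        "envelope_domain": env_dom,
        "header_domain": hdr_dom,
        "display_name": display_name,
        "aligned": env_dom == hdr_dom,
        "mailing_list": msg.get("List-Id") is not None,
    }
```

Both sessions come back with `aligned` false, so a mismatch by itself cannot be treated as proof of forgery; the `mailing_list` flag separates the legitimate list case from the one that needs a closer look.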