Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.1 6/24/83; site hou3c.UUCP Path: utzoo!watmath!clyde!burl!hou3c!RSX-DEV@DEC-MARLBORO.ARPA From: RSX-DEV@DEC-MARLBORO.ARPA (John R. Covert) Newsgroups: net.mail.headers Subject: Re: SMTP and authentication Message-ID: <384@hou3c.UUCP> Date: Tue, 6-Mar-84 19:07:00 EST Article-I.D.: hou3c.384 Posted: Tue Mar 6 19:07:00 1984 Date-Received: Wed, 7-Mar-84 06:44:32 EST Sender: ka@hou3c.UUCP (Kenneth Almquist) Lines: 18 To: MRC@SU-SCORE, Header-People@MIT-MC Enet-Address: "Castor::Covert" Phone: "(603) 884-8271 or DTN 264-8271" Uucp-Address: "{ucbvax,allegra,decvax}!decwrl!rhea!castor!covert" Regarding: Message from Mark Crispinof 6-Mar-84 1656-EST Authentication does not exist without encryption (because without encryption you can hack the authentication). I'm amazed that people who are concerned about authentication think that following up a message with a TWX or Telex involves any more authentication! A TWX or Telex can be hacked just as easily as netmail! All it takes is changing the answerback. When people worry about authentication in netmail, my usual reply is "Anyone can throw a letter into the Postal Service with any return address they want, as well as a forged signature." No unencrypted mail system has authentication. /john --------