Hylafax Mailing List Archives
|
[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
Re: [hylafax-users] Routing faxes to other fax servers based on phone number
I wasn't only talking about the broken-ness of email-to-fax systems but
also email as a whole. SMTP has little to no authentication built in.
It's a store and forward system where the relays basically accept email
from just about any other relay, headers can be easily forged, an open
relay is easy to configure and exploit.
In designing a HylaFAX least-cost-routing solution, we should be aware
of these problems and try to learn from them.
I wonder if we should consider integrating crypto into such a solution.
Say for example, we only allow signed fax jobs to enter the network. Servers
have public/private keys assigned, etc.
it can get complicated.
-joe
On Thu, Mar 21, 2002 at 09:18:08PM -0800, Lee Howard wrote:
> On 2002.03.21 18:46 Joe Phillips wrote:
> >
> > There would be a trust and authentication problem. I've been thinking
> > about this for a while. Basically, if we have servers forwarding
> > fax jobs around you get something like the email model. We all know
> > how broken that is.
>
> The e-mail models which allow the submitting client to define the job
> owner are all broken, as you've said, because they open the door wide-open
> for abuse of that capability, such that the system superuser must delete
> the actual queue files unless he has an unrequired admin account. For
> those who develop web faxing or email-to-fax mechanisms we've suggested
> building forward and reverse authentication into the client application.
> Again, I tend to think that this networked-HylaFAX-server scenario is
> something that is the client's responsibility again.
--
Innovation Software Group, LLC - http://www.innovationsw.com
Custom Internet and Computer Solutions
Linux, UNIX, Java Training
____________________ HylaFAX(tm) Users Mailing List _______________________
To unsub: mail -s unsubscribe hylafax-users-request@hylafax.org < /dev/null