[jdev] stanzaFrom cheat

[David Waite]

If your local server does not correct the 'from' to reference a JID 
controlled by your local server, the message will never make it to 
another server via s2s - it will be bounced because your server is not 
authorized to send from a different host.

In the realm of your own server, you can do whatever you like - it is 
your user's decision whether or not they trust you to run a server.

-David Waite

On May 26, 2004, at 8:59 AM, gregoire athanase wrote:

> ok I did not notice that.
>
> but that means that if I change the code of my jabber
> server, I can cheat. is it true?
> how can the receiver know that the sender is the good
> one?
>
>
> --- Julian Missig <julian at jabber.org> wrote:
>> If you look at the receiving end the receiver will
>> have the correct
>> "from" attribute rather than your cheated one. The
>> Jabber server will
>> overwrite your from if it's incorrect.
>>
>> Julian
>>
>>
>> On 26 May, 2004, at 11:19, gregoire athanase wrote:
>>
>>> hi,
>>>
>>> i tried to cheat on the stanza "from" attribute
>> with
>>> my server, which did not seem to notice anything
>>> suspiscious and dispatched the stanzas according
>> to
>>> the stanza "to" attribute.
>>>
>>> can the receiver know that the value has been
>>> cheatted?
>>>
>>>
>>>
>>> 	
>>> 		
>>> __________________________________
>>> Do you Yahoo!?
>>> Friends.  Fun.  Try the all-new Yahoo! Messenger.
>>> http://messenger.yahoo.com/
>>> _______________________________________________
>>> jdev mailing list
>>> jdev at jabber.org
>>> https://jabberstudio.org/mailman/listinfo/jdev
>>
>> _______________________________________________
>> jdev mailing list
>> jdev at jabber.org
>> https://jabberstudio.org/mailman/listinfo/jdev
>
>
>
> 	
> 		
> __________________________________
> Do you Yahoo!?
> Friends.  Fun.  Try the all-new Yahoo! Messenger.
> http://messenger.yahoo.com/
> _______________________________________________
> jdev mailing list
> jdev at jabber.org
> https://jabberstudio.org/mailman/listinfo/jdev