Skip to main content
Solved

Why don't you need to authenticate yourself to send a mail from one mail adress to another mail adress?

  • January 31, 2023
  • 1 reply
  • 24 views
joy
Enthusiast
Forum|alt.badge.img+15
  • joyEnthusiast
  • Enthusiast
  • 88 replies

I am not that familiar with the Emailer, but I experimented a bit with it and I find it a bit worrisome that I can send a mail from one mail adress (not necessarily mine) to another mail adress. I tested using my colleague's mail adress to send a mail to my own mail adress and I don't need to authenticate that I am the colleague.

You can choose yourself to have the sender's authentication on, but I would prefer that it's always required so you will be sure that the person who sents the mail is indeed the sender and not someone else.

Best answer by nielsgerrits

I'm no expert, but I believe it depends on the mail server settings if you are allowed to spoof / send mail from another email address.

 

The emailer is just following the options the SMTP protocol / rules allow us to. I think this should be fixed in the mailserver, not in the software.

 

If no harm is intended or caused, spoofing is not illegal. There are probably use cases where you want to use spoofing, tho personally I'm not a fan of it, as filters often mark email as spam when the sender was not authenticated.

This post is closed to further activity.
It may be an old question, an answered question, an implemented idea, or a notification-only post.
Please check post dates before relying on any information in a question or answer.
For follow-up or related questions, please post a new question or idea.
If there is a genuine update to be made, please contact us and request that the post is reopened.

1 reply

nielsgerrits
VIP
Forum|alt.badge.img+60
  • nielsgerritsVIP
  • 2938 replies
  • Best Answer
  • January 31, 2023

I'm no expert, but I believe it depends on the mail server settings if you are allowed to spoof / send mail from another email address.

 

The emailer is just following the options the SMTP protocol / rules allow us to. I think this should be fixed in the mailserver, not in the software.

 

If no harm is intended or caused, spoofing is not illegal. There are probably use cases where you want to use spoofing, tho personally I'm not a fan of it, as filters often mark email as spam when the sender was not authenticated.

Buckle your seatbelt Dorothy, cause Kansas is going bye-bye...

Community Stats

32,066
Posts
121,745
Replies
39,692
Members

Latest FME

Terms & ConditionsCookie settingsAccessibility statement
A product of
Safe Software respectfully acknowledges that we live, learn and work on the traditional and unceded territories of the Kwantlen, Katzie, and Semiahmoo First Nations.