This week's giveaway is in the Spring forum.
We're giving away four copies of REST with Spring (video course) and have Eugen Paraschiv on-line!
See this thread for details.
The moose likes Other JSE/JEE APIs and the fly likes Email impersonating Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of REST with Spring (video course) this week in the Spring forum!
JavaRanch » Java Forums » Java » Other JSE/JEE APIs
Bookmark "Email impersonating" Watch "Email impersonating" New topic

Email impersonating

Aryan Khan
Ranch Hand

Joined: Sep 12, 2004
Posts: 290

With Java Mail I can send an email as any one else by setting from address.
How can this be stopped? Digital signatures? How?
Or at least the recieving person should be alerted that this email is not authenticated.

Aryan Khan
Ranch Hand

Joined: Sep 12, 2004
Posts: 290

I found this
Q: How do I send secure email using the JavaMail APIs?
A: The JavaMail APIs currently have no support for sending or receiving secure email. The architecture of the JavaMail APIs allows such support to be easily added later, by us or by third parties. Information on the current Email security standards (S/MIME and PGP) can be found at Please browse our Third Party Products page for solutions from other vendors.
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 42959
Just about any email client can set the From: header any way it pleases. That's not a feature specific to JavaMail. If you are suspicious of the sender, you'll need to look at the other header information to see where the message came from.
I agree. Here's the link:
subject: Email impersonating
It's not a secret anymore!