'Authentication based on email "from address"
I have an application that reads incoming email received by a specific email address. The application then does business transactions based on the content of email.
Currently the application only does a String compare of "from address" (against a list of whitelisted addresses) to check if the request is coming from a valid source.
But, is this safe? Can an unauthorized person send a spoof email from an email-ID, without having the access to that email?
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|