SonicFax - Fax to email
 
Sonic Fax HomeSonic Fax SitemapContact Sonic Fax
You are Here:  Fax Out / Email to Fax Software / Email to Fax User Guide / Warning and indemnity


Warning and indemnity

We STRONGLY suggest you use Print2Fax rather than email to fax for

• Security reasons
• Pre-checked layout and format of the document/s to be sent as the format translation may vary from user to user

Email Spoofing Description
• Email spoofing may occur in different forms, but all have a similar result: a user receives email that appears to have originated from one source when it actually was sent from another source. Email spoofing is often an attempt to trick the user into making a damaging statement or releasing sensitive information (such as passwords).

Indemnity

This indemnity is a requirement for any entity or individual wishing to make use of the FaxFX, Email to Fax sending facility.

In the event of this service being selected online, the entity/individual, by virtue of its/their use of this service (having been duly notified of the terms and conditions of use at the time of selecting the service) acknowledges that it/they have read and understood this indemnity and further agrees to be bound by it.
The user hereby confirms that they have elected to make use of the FaxFX, EmailtoFax sending facility.
The user acknowledges that they are fully aware of the security concerns that FaxFX have highlighted viz: Email Spoofing (Description attached), which can lead to unauthorised access of an entity/individual VAS (Value Added Services) account and which can further cause an email to be sent that appears to have originated from the legal owner of that email address.
The user hereby indemnifies FaxFX, and keeps FaxFX and all its associated agents/employees indemnified from any claim arising out of the use of this specific service, including FaxFX legal costs on the scale between attorney and own client and against all legal costs for which FaxFX might be liable as a consequence of FaxFX
contesting such claim.

Email Spoofing

I. Description

Email spoofing may occur in different forms, but all have a similar result: a user receives email that appears to have originated from one source when it actually was sent from another source.
Email spoofing is often an attempt to trick the user into making a damaging statement or releasing sensitive information (such as passwords).

Examples of spoofed email that could affect the security of your site include:
* email claiming to be from a system administrator requesting users to change their passwords to a specified string and threatening to suspend their account if they do not do this.
* email claiming to be from a person in authority requesting users to send them a copy of a password file or other sensitive information.

II. Technical Issues

* If you provide email services to your user community, your users are vulnerable to spoofed or forged email.
* It is easy to spoof email because SMTP (Simple Mail Transfer Protocol) lacks authentication. If a site has configured the mail server to allow connections to the SMTP port, anyone can connect to the SMTP port of a site and (in accordance with that protocol) issue commands that will send email that appears to be from the address of the individual's choice; this can be a valid email address or a fictitious address that is correctly
formatted.
* In addition to connecting to the SMTP port of a site, a user can send spoofed email via other protocols (for instance, by modifying their web browser interface).