Originally Posted by muppetry
True, but while you can verify the origin, you still cannot prevent a spoofed "From" field with unauthenticated SMTP.
No, but your email server can tell if it came from the server it claims to have. So if you send a spoof email from @apple.com, your email server can tell what actual server it was sent from (e.g. @spoofemails.com). If the servers don't match, straight into the SPAM folder.
Also, I wrote another reply explaining why it IS an iPhone issue, but it was held back for administrators to approve (it featured links and I'm still a new user).
The short version of that post is: We're NOT talking about SMS spoofing in general, but about the issue discovered by pod2g. That issue is entirely about the REPLY-TO field, as I previously described. In other words: It's an issue on iPhones and it's entirely up to Apple to fix it.
Yes, you can spoof the SMS "FROM" field, but that's not what the AppleInsider news article was about, nor was Apple's statement to Engadget. It was about the REPLY-TO issue that pod2g discovered.
Also, FWIW, nobody knows how secure iMessage is, as nobody but Apple knows what protocols and security they're using.
Edited by JohnnyW2001 - 8/20/12 at 9:56am