Forging an
e-mail header to make it appear as if it came from somewhere or someone other than the actual source. The main
protocol that is used when sending e-mail —
SMTP — does not include a way to
authenticate. There is an SMTP service extension (
RFC 2554) that allows an SMTP client to negotiate a security level with a mail
server. But if this precaution is not taken anyone with the know-how can connect to the server and use it to send spoofed messages by altering the header information.
In some jurisdictions, e-mail spoofing anyone other than yourself is illegal.