Security Incidents mailing list archives
blind forwards
From: kmccammon () TIDALWAVE NET (Keith McCammon)
Date: Wed, 28 Jun 2000 16:13:48 -0400
Hey all, This may or may not be the right list for this. It doesn't seem to fit nicely anywhere. However, we're investigating this at work, and I know someone out there knows the answer. (An incident I suppose) I'm curious to find out how one could go about analyzing an e-mail to find out if it is being intercepted upstream before it reaches the intended recipient. For example, with some e-mail servers, a file can be placed in the user's mailbox on the server that will "blind" forward any incoming mail to a given address. SMTP Server --> Recipient's Mail Server--> USER-X (blind) and INTENDED-USER (as usual) I'd imagine that this is highly illegal at the upstream level under most circumstances; and I know there's a way to find out if this type of snooping is taking place. Anyone? Anyone? Keith
Current thread:
- Re: Nike Site taken over, (continued)
- Re: Nike Site taken over Steve (Jun 22)
- Re: Nike Site taken over Ex Machina (Jun 22)
- Re: Nike Site taken over Joel de la Garza (Jun 23)
- Re: Nike Site taken over Aviram Jenik (Jun 24)
- Re: Nike Site taken over Valdis Kletnieks (Jun 26)
- funky syslog entry klug (Jun 26)
- Re: funky syslog entry Valdis Kletnieks (Jun 27)
- Re: funky syslog entry Jens Hektor (Jun 27)
- Re: funky syslog entry Erich Meier (Jun 28)
- Re: funky syslog entry Sean Michael Whipkey (Jun 28)
- blind forwards Keith McCammon (Jun 28)
- Re: blind forwards Ex Machina (Jun 29)
- Re: blind forwards Brock Norvell (Jun 29)
- Re: blind forwards John Hall (Jun 29)
- Re: blind forwards David Pick (Jun 30)
- Re: funky syslog entry UnixGeek (Jun 29)
- Re: funky syslog entry Chris West (Jun 29)
- wuftp exploit Toby Miller (Jun 28)
- Re: wuftp exploit Daniel Jacobowitz (Jun 28)
- Permissions Derick Schuetz (Jun 27)
- Re: Permissions Valdis Kletnieks (Jun 27)