Re: blind forwards

[xm () GEEKMAFIA DYNIP COM (Ex Machina)]

You _may_ be able to see if anyone clumsily get s a blind forwarded
message by attaching a return receipt.

Ex Machina (xm () geekmafia dynip com)    http://geekmafia.dynip.com/~xm/
phone:  1-877-LPT-WHIP         icq:  3387005           aim:  ExMachina
GnuPG Keyprint:     0627 C3A8 DE25 F7FB 46BD  4870 2006 CF7F EBDA 949D

On Wed, 28 Jun 2000, Keith McCammon wrote:

> Date: Wed, 28 Jun 2000 16:13:48 -0400
> From: Keith McCammon <kmccammon () TIDALWAVE NET>
> To: INCIDENTS () SECURITYFOCUS COM
> Subject: blind forwards
>
> Hey all,
>
> This may or may not be the right list for this.  It doesn't seem to fit
> nicely anywhere.  However, we're investigating this at work, and I know
> someone out there knows the answer.  (An incident I suppose)
>
> I'm curious to find out how one could go about analyzing an e-mail to find
> out if it is being intercepted upstream before it reaches the intended
> recipient.  For example, with some e-mail servers, a file can be placed in
> the user's mailbox on the server that will "blind" forward any incoming mail
> to a given address.
>
> SMTP Server --> Recipient's Mail Server--> USER-X (blind) and INTENDED-USER
> (as usual)
>
> I'd imagine that this is highly illegal at the upstream level under most
> circumstances; and I know there's a way to find out if this type of snooping
> is taking place.  Anyone?  Anyone?
>
> Keith