[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
No Subject
[email protected]:
> ->\
> I think the recent death-threat-to-Clinton desaster has made clear
> that the remailers we have are not very secure, mainly because
> incoming and outgoing mail seems to be monitored at many sites.
> <-
>
> Wait, the threat was posted with a remailer?
This was the address in the death threat:
> The message was signed "Overlord" and purported to be from
> "[email protected]."
> ... Investigators determined the message originated at the UI, and a
> computer trace identified Reincke as the apparent author, Hulin said.
Looks like a sendmail hack.
Sendmail at most sites recognize the site you telnet to port 25 from even
if you explicitly provide another one through 'helo'. So while you can forge
the From: line, it will appear as if the mail came from your *real* site before
it got to the final site. The only site I know of where you can telnet to port
25 and type 'helo this.is.not.my.site' and have it accepted is MindVox,
phantom.com. This was a while ago, and I haven't searched very hard for similar
sites.
If it was sent through remailers the article would probably have mentioned it.
They make much better evil hacker news than just a 'purported' address.
--------------------------------------------------------------------------------
Rishab Aiyer Ghosh "What is civilisation
[email protected], [email protected] but a ribonucleic
Voicemail +91 11 3760335; Vox/Fax/Data 6853410 hangover?"
H-34C Saket New Delhi 110017 INDIA
--------------------------------------------------------------------------------