[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Snooping ISP admin??

On Mon, 23 Sep 1996, Douglas R. Floyd wrote:

> > 
> > Greetings All,
> > 
> > Question for the group:  I have encountered a situation that causes me
> > to believe an ISP is snoopingthrough encrytped mail.  It seems that
> > PGP'd mail has aroused the curiosity of an ISP (not hooked.net).. I have
> > encountered "POP3 account in use by another user" several times in the
> > past few days and I am the only user... wondering if that "in use"
> > messsage is the result of a clumsy sysadmin being caught with his hand
> > in the cookie jar.  Any thoughts from the group???  If those more
> > knowledgeable than I deem these NOISE... my sincere apologies.
> An admin could just copy the mail spool file to a safer place, then read
> through at their leisure.
> Unless its someone totally clueless (which some ISP's are), I doubt that
> they are pulling off the pop3d.  It could be that your mail spool file is
> locked by a mail transport agent, and that is why that error message is
> occuring.
> Any thoughts?

This is probably somewhat system dependant, but I'm guessing that any 
lock on the file "could" generate the message that the account is "in use."

Could be a lock which was not cleared from a previous session, a backup 
system that wants exclusive reads on the files, etc., not necessarily 
another POP3 session. As for the sysadmin side, yes, there are other, 
easier methods of getting at the mail file. OTOH, could be someone inside 
an ISP (or not), who does not have access to the file structure, but did 
somehow obtain passwords through other means. Any ISP of any size will 
have different levels of access for different employees, and the 
graveyard helpdesk shift can get fairly dull ...

It is more than likely a system-related problem with a file lock, though.

I'd suggest changing your password, and making sure that you don't use a 
dictionary word or obvious permutation thereof. If you continue to have 
problems, check with the ISP about your "technical difficulties", and see 
what they come up with.

Just my $.02

- r.w.