funsec mailing list archives

Re: wireless service "steals" and proxies emails

From: Gadi Evron <ge () linuxbox org>
Date: Wed, 25 Mar 2009 22:54:39 +0100

Gadi Evron wrote:

Gadi Evron wrote:

Wireless (swisscom) at hotel steals my email messages and relays 
through a proxy rather than my MTA! WTF!! Even "experts" can be fooled.

No wonder a friend bounced my emails.


Friends elsewhere suggested a solution, but first why this is so 
shameful for me:
I did click "yesyesyes" on a certificate warning because I was expecting 
one anyway (self-signed).

Friend's bounce:

    : host mx01.speakeasy.net[69.17.117.60] said: 554 5.7.1
    : Client host rejected:
    Access denied (in reply to RCPT TO command)

linuxbox's log file:

    Mar 25 ... linuxbox ...
    A53E6.2070502 () linuxbox org>, proto=ESMTP, daemon=MTA, 
relay=mail-out-01.swisscom-eurospot.com [83.97.120.90]

Bastards proxy SSL'd connections too. Unless I missed something.

Solution:
Use submission on port 587 with STARTTLS

    Gadi.


So I didn't click "yesyesyes" after all, I configured it wrong.
In Thunderbird I needed to set up encryption for SMTP regardless of what 
I set for the account. I was set to "tls, if available" so I was never 
alerted.

        Gadi.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

wireless service "steals" and proxies emails Gadi Evron (Mar 25)
- Re: wireless service "steals" and proxies emails Gadi Evron (Mar 25)
  - Re: wireless service "steals" and proxies emails Valdis . Kletnieks (Mar 25)
    - Vundo encrypting your files then making you pay Alex Lanstein (Mar 25)
    - Re: Vundo encrypting your files then making you pay Valdis . Kletnieks (Mar 25)
    - Re: Vundo encrypting your files then making you pay David Harley (Mar 25)
  - Re: wireless service "steals" and proxies emails Gadi Evron (Mar 25)