On Wed, 4 Oct 2000, dmolnar wrote:
if an adversary knows you are running a middleman and has control over one of the hosts relaying mail for your ISP, it may be able to
1. send mail ostensibly to a legitimate remailer address via your "middleman" remailer
2. intercept the message you send out at the captured mail relay
3. change the header so the mail you thought was going to a remailer ends up in someone else's e-mail account. Or maybe the e-mail account of the adversary so he can pose as an aggrieved user.
A contact to the ISP follows. You can try to convince your ISP that "no, this shouldn't happen because I'm running as a middleman," but it's not clear how you could prove that you're under this kind of attack.
An individual can simply fabricate an e-mail outright (requesting the help file to provide himself with an easily-modified template and log entries on the mail relay) or just not even show it. "Umm...Like I got this death threat... but I deleted it" would be sufficient for some of the more spineless providers.
I'd have to go read the code to figure out whether a plaintext message could be sent this way, or just a message actually encrypted to another remailer.
It seems as though if you're running as a middleman and you encounter a plaintext message, it'll encrypt the message with the next remailer's key before it mails it out. But I only took a quick look at the code.

-Ryan

--
Ryan McBride - mcbride@countersiege.com
Systems Security Consultant
Countersiege Systems Corporation - http://www.countersiege.com