No Subject
rishab at dxm.ernet.in
rishab at dxm.ernet.in
Sat Mar 12 23:04:38 PST 1994
unicorn at access.digex.net:
> ->\
> I think the recent death-threat-to-Clinton desaster has made clear
> that the remailers we have are not very secure, mainly because
> incoming and outgoing mail seems to be monitored at many sites.
> <-
>
> Wait, the threat was posted with a remailer?
This was the address in the death threat:
> The message was signed "Overlord" and purported to be from
> "Allmighty at Never.Gonna.Catch.Me."
> ... Investigators determined the message originated at the UI, and a
> computer trace identified Reincke as the apparent author, Hulin said.
Looks like a sendmail hack.
Sendmail at most sites recognize the site you telnet to port 25 from even
if you explicitly provide another one through 'helo'. So while you can forge
the From: line, it will appear as if the mail came from your *real* site before
it got to the final site. The only site I know of where you can telnet to port
25 and type 'helo this.is.not.my.site' and have it accepted is MindVox,
phantom.com. This was a while ago, and I haven't searched very hard for similar
sites.
If it was sent through remailers the article would probably have mentioned it.
They make much better evil hacker news than just a 'purported' address.
--------------------------------------------------------------------------------
Rishab Aiyer Ghosh "What is civilisation
rishab at doe.ernet.in, rishab at dxm.ernet.in but a ribonucleic
Voicemail +91 11 3760335; Vox/Fax/Data 6853410 hangover?"
H-34C Saket New Delhi 110017 INDIA
--------------------------------------------------------------------------------
More information about the cypherpunks-legacy
mailing list