Snooping ISP admin??

Jason Vagner jlv at signet.sig.bsh.com
Tue Sep 24 09:12:16 PDT 1996



> > Question for the group:  I have encountered a situation that causes me
> > to believe an ISP is snoopingthrough encrytped mail.  It seems that
> > PGP'd mail has aroused the curiosity of an ISP (not hooked.net).. I have
> > encountered "POP3 account in use by another user" several times in the
> > past few days and I am the only user... wondering if that "in use"
> > messsage is the result of a clumsy sysadmin being caught with his hand
> > in the cookie jar.  Any thoughts from the group???  If those more
> > knowledgeable than I deem these NOISE... my sincere apologies.
> 
> An admin could just copy the mail spool file to a safer place, then read
> through at their leisure.
> 
> Unless its someone totally clueless (which some ISP's are), I doubt that
> they are pulling off the pop3d.  It could be that your mail spool file is
> locked by a mail transport agent, and that is why that error message is
> occuring.
> 
> Any thoughts?

As someone who has operated an ISP himself, I would say that the
likelihood of this being a system problem is very high. Especially if this
is a relatively new ISP, or if they've upgraded anything at all on their
mail server, it's pretty easy to break the delicate balance of daemons and
permissions such that this problem could easily occur.

It's worth a call to their technical support line (I know.. I'm sure it's
always busy) just to inform them of the problem. Sometimes it'll time out
(if it's one kind of problem) and sometimes it'll hang there until a lock
file is specifically removed (a different kind of problem).

All other comments regarding the likelihood that a sysadmin would try to
read mail in the real environment apply. 

Jason







More information about the cypherpunks-legacy mailing list