Wednesday, March 25, 2009

Wireless service "steals" and proxies emails

Wireless (swisscom) at hotel steals my email messages and relays through a proxy rather than my MTA! WTF!!

Even "experts" can be fooled.

I automatically clicked "YES" on accepting the SSL certificate, I'm ashamed!

I know it is self-signed and therefore gives an error (I installed a new mail client).
Regardless of it being the first time, I would have liked the violations (self-signed and unknown) to be written in red, on separate lines. Make it a bit more user friendly so that at least folks who care about security are not tempted to act as lusers and click "yesyesyes".

No wonder a friend bounced my emails, they were being relayed from a non-authoritative MTA for linuxbox.org.
: host mx01.speakeasy.net[69.17.117.60] said: 554 5.7.1
: Client host rejected:
Access denied (in reply to RCPT TO command)

linuxbox's log file:
Mar 25 ... linuxbox ...
A53E6.2070502@linuxbox.org>, proto=ESMTP, daemon=MTA, relay=mail-out-01.swisscom-eurospot.com [83.97.120.90]

WTF?!

Worse still, this is the first time in ages I use a GUI client, so my mistake was installing it for the first time on a wireless hotel network.

Well, we learn.

Update:
These are called "transparent proxies" and apparently "everyone" does that. It helps, among other things, control outgoing spam from users.

One suggestion was to use submission on port 587 with STARTTLS

Update #2:
So I didn't click "yesyesyes" after all, I configured it wrong.
In Thunderbird I needed to set up encryption for SMTP regardless of what I set for the account. I was set to "tls, if available" so I was never alerted.

Gadi Evron,
ge@linuxbox.org.

Follow me on twitter! http://twitter.com/gadievron

No comments: