Fidonet Portal






From: Marc Lewis (1:396/45)
To: All
Date: Thu, 23.07.20 16:37
Re: Follow-up on: .pkt received without a pkt password?
* Copied (from: MYMAIL) by Marc Lewis using timEd/2 1.10.y2k+.

All:

This is a copy of an ongoing conversation with Wilfred van Velsen about a .pkt
I transmitted to his system (I transmit uncompressed to him) that was missing
the packet password and contained 2 routed NetMails to someone in Zone 2.
Normally there are no problems between our two systems with either my NetMail
or EchoMail to him. This time the two messages seem to have circumvented
*everything*.

Needless to day, I'm running the last (latest) version of Squish/2.

Any ideas on how or why and how to prevent this will be appreciated.

Best,
Marc

-o-o-o-o-o-o-o-o-CUT-o-o-o-o-o-o-o-o-o-

Hello Wilfred!

<On 23Jul2020 09:14 Wilfred van Velzen wrote a message regarding Re: Follow-up
on: .pkt received without a pkt password? >

ML> [snip]
WvV>> This pkt file contained 2 routed netmails. I never see this on pkt
WvV>> files coming from your system, containing echomail...?

ML>> Strange. I've looked at my "saved" directory of routed NetMails and
ML>> I found nothing going to 2:280/464. To whom are they addressed or
ML>> what do they contain? I simply can't see how anyone could get the
ML>> stuff into your system without knowing our somewhat lengthy session
ML>> password. Any clue in the .pkts as to the tosser? I am at a loss.
ML>> I am going to try and get squish to give me a log of outbound .pkt
ML>> files via the log analyser, but at the moment I am mystified.

ML> Okay - I do see where that .pkt was transmitted to you on 21 JUL
ML> 20@21:31:25 US Central time. It will take me a while to run the squish
ML> analyser to try and find out what that packet contained

WvV> See my other netmail.

ML> and how squish could have sent it without the .pkt password prepended
ML> to the .pkt body... I don't know how that would be possible. (!?Wink

WvV> Your own netmails, like this one get processes fine. So the pkt
WvV> file must be containing the correct password. ;)

WvV> Maybe it's somehow just related to routed netmails?

Perhaps I have uncovered a squish bug. *Normally* a routed NetMail shows up in
my "saved" NetMail folder (which of course is private and I don't normally read
anything in there.Wink Somehow, these two messages managed to circumvent
*everything* including the packet level password my system is supposed to place
on every .pkt going to you. The squish analyzer I have is quite old and
repeatedly returns an error when I ask it for full details - returning nothing
but the error... so I am a bit in the dark on this one. I think I will post
this in the TUB echo and see if someone comes up with an explanation for this
anomaly of packets coming from me to you containing a routed NetMail ending up
in your unsecured area. I am at a loss.

Best regards,
Marc

Internet recipients: Your reply in plain-text will be appreciated.
-+- timEd/2 1.10.y2k+
-o-o-o-o-o-o-o-o-CUT-o-o-o-o-o-o-o-o-o-

--- timEd/2 1.10.y2k+
* Origin: Sursum Corda! BBS-Huntsville,AL-bbs.sursum-corda.com (1:396/45)

ABOUT

This forum contains echomail areas hosted on Nightmare BBS You can browse local echomail areas, italian fidonet areas and a selection of international fidonet areas, reading messages posted by users in Nightmare BBS or even other BBSs all over the world. You can find file areas too (functional to fidonet technology). You can browse echomail areas and download files with no registration, but if you want to write messages in echomail areas, or use fidonet netmail (private messages with fidomet technology), you have to register. Only a minimal set of data is required, functional to echomail and netmail usage (name, password, email); a registration and login with facebook is provided too, to allow easy registration. If you won't follow rules (each echomail areas has its own, regularly posted in the echomail), your account may be suspended;

CONTACT