1994-11-21 - remailer security, sendmail

Header Data

From: “David A. Wagner” <dawagner@phoenix.Princeton.EDU>
To: cypherpunks@toad.com
Message Hash: 38f0405b560aeafe7c3518425e17ce631844f95792818a1792465dc3c0f56a8e
Message ID: <9411210020.AA06110@tucson.Princeton.EDU>
Reply To: N/A
UTC Datetime: 1994-11-21 00:22:43 UTC
Raw Date: Sun, 20 Nov 94 16:22:43 PST

Raw message

From: "David A. Wagner" <dawagner@phoenix.Princeton.EDU>
Date: Sun, 20 Nov 94 16:22:43 PST
To: cypherpunks@toad.com
Subject: remailer security, sendmail
Message-ID: <9411210020.AA06110@tucson.Princeton.EDU>
MIME-Version: 1.0
Content-Type: text/plain


I just read an interesting post on alt.hackers.  Apparently you
can figure out who's sending mail to who by repeatedly running
the command /usr/lib/sendmail -bp.  I just tested this out and
it *seems* to work, as does running /usr/ucb/mailq repeatedly.
How's that for an obscure feature?

Does anyone run a remailer on a multi-user machine where sendmail
is used?  Is this sendmail feature a problem?  If so, how would
one fix it? (write a wrapper for sendmail? but that requires root
access *sigh*)  Am I missing something?

-------------------------------------------------------------------------------
David Wagner                                             dawagner@princeton.edu




Thread