From: Rabid Wombat <wombat@mcfeely.bsfs.org>
To: “Douglas R. Floyd” <dfloyd@io.com>
Message Hash: 8e69f4bcb14594624b1d1aa516bdd1134d55fc3cf7d4f9dcd758c987696b8819
Message ID: <Pine.BSF.3.91.960923220329.5203C-100000@mcfeely.bsfs.org>
Reply To: <199609232112.QAA07155@xanadu.io.com>
UTC Datetime: 1996-09-24 09:24:03 UTC
Raw Date: Tue, 24 Sep 1996 17:24:03 +0800
From: Rabid Wombat <wombat@mcfeely.bsfs.org>
Date: Tue, 24 Sep 1996 17:24:03 +0800
To: "Douglas R. Floyd" <dfloyd@io.com>
Subject: Re: Snooping ISP admin??
In-Reply-To: <199609232112.QAA07155@xanadu.io.com>
Message-ID: <Pine.BSF.3.91.960923220329.5203C-100000@mcfeely.bsfs.org>
MIME-Version: 1.0
Content-Type: text/plain
On Mon, 23 Sep 1996, Douglas R. Floyd wrote:
> >
> > Greetings All,
> >
> > Question for the group: I have encountered a situation that causes me
> > to believe an ISP is snoopingthrough encrytped mail. It seems that
> > PGP'd mail has aroused the curiosity of an ISP (not hooked.net).. I have
> > encountered "POP3 account in use by another user" several times in the
> > past few days and I am the only user... wondering if that "in use"
> > messsage is the result of a clumsy sysadmin being caught with his hand
> > in the cookie jar. Any thoughts from the group??? If those more
> > knowledgeable than I deem these NOISE... my sincere apologies.
>
> An admin could just copy the mail spool file to a safer place, then read
> through at their leisure.
>
> Unless its someone totally clueless (which some ISP's are), I doubt that
> they are pulling off the pop3d. It could be that your mail spool file is
> locked by a mail transport agent, and that is why that error message is
> occuring.
>
> Any thoughts?
>
This is probably somewhat system dependant, but I'm guessing that any
lock on the file "could" generate the message that the account is "in use."
Could be a lock which was not cleared from a previous session, a backup
system that wants exclusive reads on the files, etc., not necessarily
another POP3 session. As for the sysadmin side, yes, there are other,
easier methods of getting at the mail file. OTOH, could be someone inside
an ISP (or not), who does not have access to the file structure, but did
somehow obtain passwords through other means. Any ISP of any size will
have different levels of access for different employees, and the
graveyard helpdesk shift can get fairly dull ...
It is more than likely a system-related problem with a file lock, though.
I'd suggest changing your password, and making sure that you don't use a
dictionary word or obvious permutation thereof. If you continue to have
problems, check with the ISP about your "technical difficulties", and see
what they come up with.
Just my $.02
- r.w.
Return to September 1996
Return to “somebody@tempest.ashd.com”