From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sun, 27 Jul 1997 05:48:31 +0800
To: cypherpunks@toad.com
Subject: Re: Jim Bell Docket 3
In-Reply-To: <Pine.SUN.3.96.970724140511.29712R-100000@beast.brainlink.c om>
Message-ID: <3.0.2.32.19970725225321.03054658@popd.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



>>A. It's unsolicited spam.
Not a big deal.
>>B. The way they gathered the list of addresses is questionable, 
>>    and likely off Jim's HD.  

Feh.  Either it was real, or it was forged.  In either case, 
the sender could have gotten names and addresses for the usual suspects
by watching the cypherpunks list; no need to crack Jim's machine.

It _was_ nicely forged, if it was forged.  One amusing method
that could have been used for the forgery is the method used
by Kashpureff for the alternic.net / internic.net rediriection -
when a site sends a DNS request to your name server (e.g. because
you've sent some email through it to you), send back some additional
records with the sites you're impersonating - especially if the
subdomain at irs.gov didn't really exist.  You can reinforce it by
adding the IP addresses you choose to your in-addr.arpa reverse DNS.

>I question, however, if is proper/appropriate for a governmental entity to
>retrieve email addresses off of a computer involved in a criminal matter
>and use those addresses to send the type of message that was sent to a
>selected few?  Unfortunately, I have no answer to this query.

Clearly not - there are major ECPA and invasion of privacy issues.
But there's no evidence that they did that.

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com
# You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp
#   (If this is a mailing list or news, please Cc: me on replies.  Thanks.)