On 2/12/03 7:28 AM, Frode Skarstein at [EMAIL PROTECTED] wrote: > I am running a small scale, yet viable, commercial webhosting service > using SIMS for my customers' email needs. It works wonderfully. > > However, I have currently been accused (wrongly, i must add...) of > having tampered with the outgoing email of one of my clients. He claims > that not only have I generated emails in his name, but I have also, and > this is the impressive part, intercepted his outgoing emails, added > certain sentences to them, and let them go off to wherever he was > sending them. > > I am aware that SIMS account system makes it possible for me as a > sysadmin to view incoming email in the SIMS folder. And furthermore, I > am aware that I, if I have any user's password (which i don't > anymore...), can generate email in any accounts name.
Actually, with most e-mail client programs, it is trivial for anyone to send e-mail as anyone they wish. This is a necessary feature since there is normally no authentication of outgoing e-mail. > BUT as far as I > know, unless i do some serious programming to go into SIMS' processing > of emails etc, i can not *stop* emails that a client is sending, edit > them, and then relay them on. > > My question is: How much skill does it take for a system admin to > intercept, edit and relay on emails from clients using the SIMS email > product? It might be pretty simple by playing with the number of TCP/IP channels for SMTP. > This is a VERY VERY annoying situation for me, and I would really > appreciate to get your input on this problem. I would "invite" him to take his business elsewhere. Immediately. -- Larry Stone [EMAIL PROTECTED] http://www.stonejongleux.com/ ############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
