On Oct 9, 2007, at 3:52 PM, Chris Edwards wrote:
However, even assuming your user *is* using the *berry server or the
verizon transparent proxy, then mails they send will in the main
emerge
from a legit mail server run by grown-ups, which is far far less
likely to
be blacklisted then a user sending direct from a hotel connection or
mobile dynamic IP etc etc.
Right, but transparent proxy of SMTP connections is available in even
the lowest end firewalls now (like free ones you get with service).
And very few clients will complain if they aren't required to do SMTP
auth, which means that the user will never know that their session
was intercepted.
Yes, this means man-in-the-middle is trivial. No kidding. Beat up
the mail client creators.
--
Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source
and other randomness
