[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Update to default exit policy



anonym wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 20/08/08 15:42, 7v5w7go9ub0o wrote:
>> anonym wrote:
>>> Email clients leak tons of information, the most critical I know of
>>> being your IP address and/or host in the EHLO/HELO in the beginning
>>> of the SMTP(S) transaction.
>> Nope.
>>
>> The encrypted connection occurs before the smtp handshake.
>>
>> IP/host info is not compromised, this is not an issue.
> 
> Care to elaborate on this?
> 
> The way I understand it, the encrypted connection will only prevent
> eavesdroppers from snooping the IP address/host, but the destination
> email server will get it in the EHLO/HELO message. IMHO, that equals a
> compromise of grand scale.

AH!.... we were talking about two different things. :-(

I was referring to third-parties being unable to sniff your email
contents or your host address within an SSL/SMTP transaction via TOR.
You're talking about withholding information from the mail server itself
(e.g. you're on the road with a laptop, and don't want to leave records
of where you were as you sent your messages).

And indeed, you raise an interesting point!

FWICT, different clients put different information into that HELO. Even
a common client such as TBird puts different info. in Mac OS's (unique
registration information) than it does in Windows (IPA octet).

- Having the option to configure what goes into this field may be a
basis for selecting one's email client.

- Guess it's time to sniff some SMTP connections, and if I become
irritated enough, tweak the source code and recompile my client; hexedit
my client; change clients; or install a proxy or server. (sigh)