Thursday, June 16, 2005

hijacking smtp traffic


This week, I have been using the free WiFi service offered by the hotel I have been staying at.  I noticed that they do something that T-Mobile does.  Any time that you attempt to send mail, they redirect that connection to their server.  Since I have my mail client configured to use authentication, I get a message stating that the server does not allow authentication.


If I was not setup to authenticate my outgoing mail, it would silently go to their servers.  I have a few problems with this:


  1. They didn't inform me that they were going to do this.

  2. They could potentially store my message on their server

  3. They could also get my username, password and mail server that I use for sending mail.  So now someone could send spam using my authentication information.


I understand their desire to not allow spam to be sent through their access point, but I think that a better solution would be to block all access to this port.  If they were to do this, people would be required to use a webmail service, smtps (smtp over ssl), or tunneling though ssh or vpn.