Subj : Re: Follow-up on: .pkt received without a pkt password?
To   : All
From : Marc Lewis
Date : Thu Jul 23 2020 02:37 pm

* Copied (from: MYMAIL) by Marc Lewis using timEd/2 1.10.y2k+.

All:

This is a copy of an ongoing conversation with Wilfred van Velsen about a .pkt I transmitted to his system (I transmit uncompressed to him) that was missing the packet password and contained 2 routed NetMails to someone in Zone 2. Normally there are no problems between our two systems with either my NetMail or EchoMail to him.  This time the two messages seem to have circumvented *everything*.

Needless to day, I'm running the last (latest) version of Squish/2.

Any ideas on how or why and how to prevent this will be appreciated.

Best,
Marc

-o-o-o-o-o-o-o-o-CUT-o-o-o-o-o-o-o-o-o-

Hello Wilfred!

<On 23Jul2020 09:14 Wilfred van Velzen wrote a message regarding Re: Follow-up on: .pkt received without a pkt password? >

ML> [snip]
WvV>> This pkt file contained 2 routed netmails. I never see this on pkt
WvV>> files coming from your system, containing echomail...?

ML>> Strange. I've looked at my "saved" directory of routed NetMails and
ML>> I found nothing going to 2:280/464.  To whom are they addressed or
ML>> what do they contain? I simply can't see how anyone could get the
ML>> stuff into your system without knowing our somewhat lengthy session
ML>> password.  Any clue in the .pkts as to the tosser?  I am at a loss.
ML>> I am going to try and get squish to give me a log of outbound .pkt
ML>> files via the log analyser, but at the moment I am mystified.

ML> Okay - I do see where that .pkt was transmitted to you on 21 JUL
ML> 20@21:31:25 US Central time.  It will take me a while to run the squish
ML> analyser to try and find out what that packet contained

WvV> See my other netmail.

ML> and how squish could have sent it without the .pkt password prepended
ML> to the .pkt body... I don't know how that would be possible. (!?)

WvV> Your own netmails, like this one get processes fine. So the pkt
WvV> file must be containing the correct password. ;)

WvV> Maybe it's somehow just related to routed netmails?

Perhaps I have uncovered a squish bug. *Normally* a routed NetMail shows up in my "saved" NetMail folder (which of course is private and I don't normally read anything in there.)  Somehow, these two messages managed to circumvent *everything* including the packet level password my system is supposed to place on every .pkt going to you.  The squish analyzer I have is quite old and repeatedly returns an error when I ask it for full details - returning nothing but the error... so I am a bit in the dark on this one.  I think I will post this in the TUB echo and see if someone comes up with an explanation for this anomaly of packets coming from me to you containing a routed NetMail ending up in your unsecured area.  I am at a loss.

Best regards,
Marc

Internet recipients: Your reply in plain-text will be appreciated.
-+- timEd/2 1.10.y2k+
-o-o-o-o-o-o-o-o-CUT-o-o-o-o-o-o-o-o-o-

--- timEd/2 1.10.y2k+
* Origin: Sursum Corda! BBS-Huntsville,AL-bbs.sursum-corda.com (1:396/45)