[109295] in Cypherpunks
Re: Firedoors (fired Oors ?)
daemon@ATHENA.MIT.EDU (Bill Stewart)
Wed Mar 17 02:57:37 1999
Date: Tue, 16 Mar 1999 23:24:57 -0800
To: cypherpunks@cyberpass.net
From: Bill Stewart <bill.stewart@pobox.com>
Reply-To: Bill Stewart <bill.stewart@pobox.com>
Hi, Lars - is it ok if I forward your reply (or this mail)
to Cypherpunks and/or remailer-operators?
At 11:11 AM 3/15/99 +0100, you wrote:
>Bill Stewart <bill.stewart@pobox.com> writes:
>> The author is somewhat confused about why firewalls exist. They're
>> not (usually) to keep insiders in - that's a known hard problem,
>> though firewalls can sometimes be used to track what insiders send
>> outside. They're to keep outside crackers out, because the damage
>> that can be caused by crackers is serious enough that you can't
>> afford not to, even if the cost is making it hard for employees to
>> work from home or the road.
>
>In my case, it's actually not a firewall that's the problem. I
>suspect we have only one computer connected to the internet for
>economic reasons. The rest of the corporate network is a 10.x.x.x
>net. Still, it's annoying, because I read all my private email
>on a computer on the internet.
That's a pretty universal architecture these days, partly for
economic reasons, and partly because it lets you use 10.* space
instead of real (scarce) registered IP addresses,
with Network Address Translation and/or proxies for reaching outside.
The problem is that your firewall isn't clueful enough to let you
access your outside POP server through the firewall.
I had that problem for a long time, and partially have it now.
The cheap but lame way around it is to forward your email to a web-based
mail portal like Hotmail or its dozen imitators.
A less lame approach is to get a copy of WebbyPOP or similar tool
that extracts your real mail from Hotmail and presents a POP3 interface
(on 127.0.0.1) that you can use with a regular POP3 email client.
If you're running on Unix instead of Win95, Ian Goldberg did a tool
a year or two ago for running remailers off Hotmail.
If I remember right, Hotmule also lets you extract mail from Hotmail
and forward it to some normal server. Alternatively,
if you've got a shell account, you could also set up
your own web-based email forwarder with much less clutter than hotmail,
and I think there are packages out there that support it.
A different approach is to find out if your firewall has Socks5
(or can be talked into installing it), which lets you use telnet
or some other protocols through the firewall.
If you've got a shell account for your outside email,
you can socks-telnet out and read it, and that can let you use
tunnels like SSH or probably "term" to gateway your POP mail.
I haven't put the effort into setting that up,
so for my main outside email account, I can but usually don't
telnet to the shell account and read it with old-style Unix mail.
Another system that I use is a procmail script on my main email
that forwards some critical email to my junk hotmail account
(basically anything that has "Hey" in the Subject: line).
I set this up last summer so I could be reachable from cybercafes
while I was on vacation. (Unfortunately, it also picks up anything
with "they" in the Subject, but that's low usually not too much mail.)
For general remailer use, there's CWebMail, which is a service
that provides a POP3 interface to Hotmail and Yahoo,
but it doesn't solve your can't-access-POP3-through-firewall problem.
Thanks!
Bill
Bill Stewart, bill.stewart@pobox.com
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
