Subj : Netmail in the insecure inbound
To   : Alan Ianson
From : Kai Richter
Date : Sun Apr 25 2021 16:03:16

Hello Alan!

24 Apr 21, Alan Ianson wrote to Kai Richter:

 AI> Netmail that arrives uncompressed is tossed from the insecure
 AI> directory.

There your solution is. Get the netmail uncompressed.

 AI> If echomail is found it should be so, if netmail is found it should be
 AI> tossed?

Tossing uncompressed insecure netmail is the lowest level to establish first communication with the other sysop. It needs to work on any system.

Even if your mailer log told you that you are connecting to a linux binkd that doesn't force the tosser to be on a linux machine. Some systems are sharing the inbound to another system where the tosser works. You have no idea if the other side can handle the compression format that you use. You need to find a minimum standard and the easiest minimum standard is no compression.

 AI>>> I wonder if it is possible for hpt to unpack those arcmail
 AI>>> bundles and toss the packets within if they are netmail.

 KR>> Yes, it is. Negotiate a password with the sending sysop.

 AI> I get/send netmail to/from that node periodically. I would be happy to
 AI> link with that node if there was any reason to.

There is. A periodical link should be secured. Negeotation with the other sysop would set your passwords, the compression format and the route. I recommend to set a private nodelist too, just to avoid any further troubles with the official nodelist.

 AI> We only exchange netmail once in a while so we have never setup a
 AI> secure link.

This would work without any issues if the sender disables netmail compression.

 AI> This sysop, I suspect just wanted to test the route on the return
 AI> trip. No need to talk about that.

Then what is this for? Why should someone do a connect if there is nothing to talk? There is no need to build a road if nobody travels. Paths build up because many are going in the same direction.

As far as i noticed there was a testing run by someone visible at enet.sysop. According to my logfiles i was effected too. I received a netmail from a point system that was destinated to another point system. Why?? If we all throw our mails to anyone how could we believe that it would ever reach it's destination? This sysop simply wasted our time because he didn't use the standard secured routing. And he doesn't know the networks structure and function of hosts. From my point of view he does need someone to talk and who gives an introduction for ftn based networks.

 AI> Unless there is a problem

The problem is unsecured inbound compressed netmail.

 AI> and if there is I would like to get to work on the solution.

The solution is turn off compression and/or turn off not necessary tests.

Regards

Kai

--- GoldED+/LNX 1.1.4.7
 * Origin:  Monobox  (2:240/77)

.