outgoing email problems

[redbird]

I'm getting those weird messages about certificates on outgoing email. If anything urgent comes up, I'll ssh in and send mail from mutt rather than Eudora, but there are replies waiting to go out. I just hope they fix this before I leave for Minicon.

Update: I have been exchanging email with Panix staff. There is no mallard.panix.com, so something weird is going on here. On their advice, I reset the outgoing mail to look for mail.panix.com (instead of pop3s.panix.com), but I'm getting the same error. Plus a bonus error message from mutt because Eudora grabbed all the mail while I had the mailbox open using mutt.

If there are any Panixians reading this who use Eudora (ideally 5.2, but any Eudora, or indeed any POP3 reader), can you tell me what you have your incoming and outgoing mail hosts set to, please. Comment here, or by phone; email currently depends on the PuTTY connection staying open.

(On a related matter, I've found a buyer for that Corflu membership.)

Comments

will ya, will ya, huh?

[replyhazy.livejournal.com]

Will you be coming to Corflu after Minicon? Inquiring con runners want to know.

Re: will ya, will ya, huh?

[redbird]

Sorry, no. Is there any way I can do something with that membership I bought so optimistically?

Re: will ya, will ya, huh?

[replyhazy.livejournal.com]

Uh... get hold of Nigel Rowe and sell it to him? He didn't preregister, and I know he's coming. He might like to save $15 bucks. Try nigel AT mwpsoft DOT com.

Poisoned Cache?

[webbob.livejournal.com]

Guessing that you're running Eudora on a Windows system, what's your DNS server set to and what are you using for a firewall/NAT?

There's this trick known as DNS Cache Poisoning in which a hostile 3^rd party sends "helpful" information to a DNS server with information not requested, which would seem to be the obvious way to get an entry for "mail.panix.com" as a nickname for "mallard.panix.com" and a bogus IP address for mallard into your system. Two things that you might try, if you or cattitude have the wherewithall for it, would be to find out what IP address your DNS server was returning for mallard.panix.com and clearing your DNS server's cache. If you can find out what the IP address is, a reverse (PTR record) search might tell you what system it was coming from and give you a lead on the identity of the attacker (whom I don't feel horribly paranoid about supposing exists, given that mallard is a canard).

It's not inconceivable that the cache at verizon.net was poisoned, though: the Former Employer who was an ISP got a lot of DNS Cache Poisoning attempts, as became clear after we upgraded to a recent implementation of the BIND DNS server software and started looking at error messages.