
Wireshark-users: [Wireshark-users] MiTM launched that tricks Getmail and Maildrop?

From: Miroslav Rovis <miro.rovis@xxxxxxxxxxxxxxxxx>
Date: Wed, 13 Dec 2017 20:51:23 +0000
Hi!

I've prepared a page with the info:

"bad message from server!" and 144 msgs truncated
https://www.croatiafidelis.hr/foss/cap/cap-171213-server-bad-mail/

I'm also asking the devs about this at the Getmail and Courier Maildrop mailing lists.

I'll be grateful for any expert insight, opinion, advice about this.

To me it looks like the attackers have used Tor, which has been running as
"daemon" which is the Debian/Devuan style, to launch a MiTM, nothing
necessarily clever, but it did ruin lots of my emails which I will never get
nor know which emails those were...

Of course I can't decrypt those conversations... so will never know...

Or is there any more to it?

NOTE: I also note in that page how the bug that I had reported really was a bug,
because it is now fixed in my Devuan Ceres Wireshark 2.2.6:
Filtering on (negated) frame.time_relative filters out wrong frame.number
https://www.wireshark.org/lists/wireshark-users/201704/msg00037.html
(but this paragraph is a digression)

Thanks for any insight from the more knowledgeable! Regards!

-- 
Miroslav Rovis
Zagreb, Croatia
https://www.CroatiaFidelis.hr
