Tracing email traffic

Not hip to email technology as it goes through the internet. Would it
be possible for someone working at the ISP for some domain abc.com to
check logs of what email address was sending and receiving emails from
another email address? I'm sure it's possible of course but would it
be considered illegal to do so, or unethical in the sense they might
lose their job? Or would it be more or less public knowledge if some
internet savvy person even outside the ISP knew where to look? I think
obviously it would be available to a system administrator local to
domain abc.com.

How about email contents themselves? Do many ISPs encrypt email making
it difficult for even an employee to decipher, or is that usually left
as an exercise to the sender of the email to take care of?

Re: Tracing email traffic

This is a MIME GnuPG-signed message. If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.
The Internet standard for MIME PGP messages, RFC 2015, was published in 1996.
To open this message correctly you will need to install E-mail or Usenet
software that supports modern Internet standards.

--=_mimegpg-commodore.email-scan.com-12908-1167761005-0001
Content-Type: text/plain; format=flowed; charset="UTF-8"
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
X-Mime-Autoconverted: from 8bit to quoted-printable by mimegpg

jeffc226@yahoo.com writes:

> Not hip to email technology as it goes through the internet. Would it
> be possible for someone working at the ISP for some domain abc.com to
> check logs of what email address was sending and receiving emails from
> another email address?

All mail servers routinely log all messages they send and receive. How l=
ong=20
the logs are kept depends on the individual mail server. It is certainly=20
possible for any mail server to keep copies of all messages they handle. =20
Many mail servers specifically have the ability to do so; many organizati=
ons=20
(banks, brokers, etcâ€=A6) are legally required to archive copies of =
all=20
correspondence, for compliance purposes.


> I'm sure it's possible of course but would it
> be considered illegal to do so, or unethical in the sense they might
> lose their job?

Of course not. In some situations they'd lose their job if they DON'T ke=
ep=20
complete archives of all E-mail correspondence.

> Or would it be more or less public knowledge if some
> internet savvy person even outside the ISP knew where to look? I think

The only way he'd be able to find something would be if he would hack int=
o=20
the mail server.

> How about email contents themselves? Do many ISPs encrypt email making
> it difficult for even an employee to decipher, or is that usually left
> as an exercise to the sender of the email to take care of?

No. Never heard of such a thing. I'm sure something like that is done,=20
somewhere. But it would be an exception, not the rule.

But keep in mind that in most cases nobody is actually obligated to use=20
their Internet provider's mail server. I don't. A small minority of=20
Internet providers wants to be your babysitter and will block you from us=
ing=20
anyone else's mail server, forcing you to use theirs'. But most do not; =
and=20
the only way for them to log your E-mail is to log your overall Internet=20
traffic. In that case, you can use encryption to send/receive mail from/=
to=20
your mail server.


--=_mimegpg-commodore.email-scan.com-12908-1167761005-0001
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQBFmp5tx9p3GYHlUOIRAhvvAJ9BnjfsAerFwkrEkTdylgCJOIcwpgCd GPso
8DSFGdTerOLZ0CYYTQ1xR9A=
=cWjP
-----END PGP SIGNATURE-----

--=_mimegpg-commodore.email-scan.com-12908-1167761005-0001--

Re: Tracing email traffic

Sam :
> jeffc226@yahoo.com writes:
> >
> > Not hip to email technology as it goes through the internet. Would it
> > be possible for someone working at the ISP for some domain abc.com to
> > check logs of what email address was sending and receiving emails from
>
> All mail servers routinely log all messages they send and receive. How long
> the logs are kept depends on the individual mail server. It is certainly
> possible for any mail server to keep copies of all messages they handle.
>
> > How about email contents themselves? Do many ISPs encrypt email making
> > it difficult for even an employee to decipher, or is that usually left
> > as an exercise to the sender of the email to take care of?
>
> No. Never heard of such a thing. I'm sure something like that is done,=20
> somewhere. But it would be an exception, not the rule.

I believe Blackberry fits that exception, however, it's only end to
end encrypted, not stored encrypted. They are only one exception, of
course.


--
Any technology distinguishable from magic is insufficiently advanced.
(*) http://www.spots.ab.ca/~keeling Linux Counter #80292
- - http://www.faqs.org/rfcs/rfc1855.html Please, don't Cc: me.
Spammers! http://www.spots.ab.ca/~keeling/emails.html

Re: Tracing email traffic

"jeffc226@yahoo.com" wrote in
news:1167758643.218641.83210@k21g2000cwa.googlegroups.com:

> How about email contents themselves? Do many ISPs encrypt email making
> it difficult for even an employee to decipher, or is that usually left
> as an exercise to the sender of the email to take care of?

No, emails are hardly ever encrypted. Reliable end-to-end encryption
technology exists (PGP, GPG) but even that is hardly ever used in the real
world.

No sensitive (e.g. financial) information should ever be sent by email.
These things should be considered open postcards en route.

Re: Tracing email traffic

Sam writes in comp.mail.misc:

> jeffc226@yahoo.com writes:
>
> > Not hip to email technology as it goes through the internet. Would it
> > be possible for someone working at the ISP for some domain abc.com to
> > check logs of what email address was sending and receiving emails from
> > another email address?
>
> All mail servers routinely log all messages they send and receive.
> How long the logs are kept depends on the individual mail server. It
> is certainly possible for any mail server to keep copies of all
> messages they handle. Many mail servers specifically have the ability
> to do so; many organizations (banks, brokers, etc…) are legally
> required to archive copies of all correspondence, for compliance
> purposes.
>
>
> > I'm sure it's possible of course but would it
> > be considered illegal to do so, or unethical in the sense they might
> > lose their job?
>
> Of course not. In some situations they'd lose their job if they DON'T
> keep complete archives of all E-mail correspondence.

Often it is illegal.

It is even illegal collect form logs to where there was correspondence
on particular user (without court order).


/ Kari Hurtta

Re: Tracing email traffic

>Not hip to email technology as it goes through the internet. Would it
>be possible for someone working at the ISP for some domain abc.com to
>check logs of what email address was sending and receiving emails from
>another email address? I'm sure it's possible of course but would it
>be considered illegal to do so, or unethical in the sense they might
>lose their job? Or would it be more or less public knowledge if some
>internet savvy person even outside the ISP knew where to look? I think
>obviously it would be available to a system administrator local to
>domain abc.com.
>
>How about email contents themselves? Do many ISPs encrypt email making
>it difficult for even an employee to decipher, or is that usually left
>as an exercise to the sender of the email to take care of?

You're absolutely right with your assumptions.

It's common practice that they (ISPs, TLAs ...) scrutinize
a) who communicates with whom
and
b) the information that is exchanged.

Therefore to be on the safe side you have to
ad a) use anonymous remailers
(Mixmaster, Mixminion, Quicksilver, Omnimix, Jack B. Nymble)
and
ad b) encrypt your messages
(PGP, GPG).

Be cautious!
..