HELP!!
An ex employee of one of my customer has boasted that he has
intercepted
every single e-mail sent by one of the current employees. He has
displayed such an e-mail, and said that he used the security fault in

realplayer 7 (with an opening on port 8080). The customer is using
Border
Manager 3.5 with Groupwise 5.5 EP. All the normal filters are in
place,
and it has passsed an external security chec., Telnet into the system
is
limited to the Service Provider TCP/IP e-mail server addresses. There
is
an FTP server, but this is proxied as well as the Web Server. NAT is
also
invoked upon the system.

Does anyone have any idea how the e-mail is being captured, what
access
he has into the system and what measure are needed on the filtering
side.
(ie Block Realpayer, etc).

Any pointers or help at this stage would be thankfully appreciated.

Regards

ChasR.