T-Mobile snafu inspires email interception claims
The operator comes in for some stick after an upgrade error leads to email over 3G being blocked.
A T-Mobile gaffe has led to claims the company was intercepting customers' secure email correspondence.
Customers had complained of not being able to send TLS-secured SMTP email over T-Mobile 3G.
One user noted in a forum in November that when connected to Wi-Fi, emails were sent instantaneously. Despite T-Mobile support teams attempting to solve the issue, the affected user continued having issues.
We have worked with our supplier to fix this issue and it has now been resolved.
T-Mobile has revealed a botched firmware upgrade was to blame.
"We would like to reassure our customers that we do not use our network to access the content of their emails nor are we doing anything that would jeopardise their data security," a T-Mobile spokesperson said.
"Following a firmware upgrade we were made aware of a fault by a small number of our customers in December. This fault was mistakenly preventing certain SMTP traffic. We have worked with our supplier to fix this issue and it has now been resolved. A small number of customers will have been affected by this error and we apologise for any inconvenience caused to them."
A T-Mobile spokesperson said the firmware upgrade took place in September.
T-Mobile blocks certain traffic, such as spam and blacklisted websites typically coming through unauthenticated SMTP. The vendor claimed it was attempting to continue blocking such traffic.
Nevertheless, the mistake was not fixed for between three to four months.
Web developer and security researcher Mike Cardwell complained about the SMTP traffic blocking earlier this month, but also claimed he was unable to access his VPN via his phone.
"With the new SIM, no matter which port I configure OpenVPN on, the RST [reset] packets appear. IMAP over SSL on port 993 works fine, but if I switch that off and configure OpenVPN to listen on port 993, it is blocked," Cardwell said in a blog post.
"So the blocks aren't even port based. They've got some really low level deep packet inspection technology going on here."
However, T-Mobile said it had not seen any issues with VPN access.
"The majority of our customers are able to access VPN's providing the proposition they have bought has been set up in this way," the spokesperson added.
"Customers requiring VPN access can check with us before making a purchase, all details will also be included in the terms and conditions."
All customers who breach the fair use policy will be blocked for VPN usage, T-Mobile said.
The case for a marketing content hub
Transform your digital marketing to deliver customer expectationsDownload now
Fast, flexible and compliant e-signatures for global businesses
Be at the forefront of digital transformation with electronic signaturesDownload now
Why CEOS should care about the move to SAP S/4HANA
And how they can accelerate business valueDownload now
IT faces new security challenges in the wake of COVID-19
Beat the crisis by learning how to secure your networkDownload now