Here's an interesting tidbit someone may want to sleuth out a little more:

I googled GWB43, Peregrine Systems and Amdocs/cramer and found the following,
Cramer CEO resigns under fraud, conspiracy charges


Amdocs

Amdocs some may remember has contracts with the 25 biggest phone companies in America, and more worldwide. The White House and other secure government phone lines are protected, but it is virtually impossible to make a call on normal phones without generating an Amdocs record of it. Another is verint.

Also, I forget where but, I read GWB43 is using an OpenBSD platform. What difference that would make is not clear however, I found it interesting.
 

Joseph - it's not necessarily true that Rove does most of his work on that server. Those at the WH using gwb43.com addresses may still inject the mail via a WH gateway.

We need some emails with full headers.

As for Amdocs, it's part of the Israeli intelligence infrastructure in the US.

b
 

I'd add: unless forgery has occurred, the Message-ID header will tell you the name of the gateway server. This is not necessarily the same as the posting server.

If the gateway server is at the WH, records should be kept.

Which makes the scandal bigger, surely.

b
 

>>Joseph - it's not necessarily true that Rove does most of his work on that server. Those >>at the WH using gwb43.com addresses may still inject the mail via a WH gateway.


This is the 2nd time I’ve seen this stated and it is simply not true, or at the very best there is NO evidence to support this. The DNS MX records for the GWB43 domain point to FreeBSD servers (according to nmap) which have ALL the outward appearance of being mail gateways only. The only email service running on these servers is SMTP. No POP, no IMAP, on either the SSL or non-SSL ports. No web service for webmail either. There is NO good reason, technical or obfuscation related, to then “bounce” these emails off a White House mail gateway. These are the mail gateways.
I have no technical proof that these email are not then forwarded to White House servers for storage and access by their clients but if you think about why they are using outside email addresses they would have to be REALLY stupid to then forward them to White servers for storage.


The real question is who or what is providing the “mail stores” (as MS calls them) for these accounts. This is why it would be helpful to see a RAW email for one of these accounts.
 

Hi vividvew, I was suggesting that mail may have gone through a WH gateway before it reached the private servers, not after.

There is indeed no evidence to support this; it is pure speculation. But there is no evidence supporting the view that all emails got to the private server through other routes either. Are you sure they have never used POP?

As for stupid, the front-of-stage Bushites have often given the impression that they are very challenged upstairs. Rove's quip that the election was fixed from a WH basement was cretinous. Bush himself is like a village idiot. Sure, there must have been intelligent grown-up input into arranging the email system so that these fools didn't put their feet in it. But often enough, techies do just enough work to keep the clients happy, no more. OK, it's not the idiots in the family who were the clients here, but still...who knows what traces have been left - by oversight, arrogance, or whatever? Bush probably sends very few emails for this reason - he's not allowed. They may let him enjoy himself playing in a sandpit with a Caterpillar tractor, but giving him free rein with an internet account would be too dangerous. Meanwhile, haven't the grown-ups been stupid enough already, allowing some of these emails to come out?

Further judgement on the 'stupid' issue is reserved until I see an email with full headers :-)

b
 

b,
>>I was suggesting that mail may have gone through a WH gateway before it reached the private servers, not after.



I wasn't sure which one you meant. I went the other way.

Before is even less likely unless we include the possibility of an anonymous SMTP forwarders being intentionally used. Somehow I just don’t see it from Rove type folks.

The DNS MX records point to mailscan1 and mailscan2, so for incoming email this will be the first stop. It’s where DNS will point you. As for outgoing emails, who knows? It could be these gateways, it could be the same servers that provide the mail stores, could be WH servers.

There is just no good reason to think that it’s WH servers, and plenty of reasons it think its not. The top reason being that the whole point of all this is to get emails off of government servers. Why even pass them through WH servers? No reason I can think of.

Anyone with the right skills could start sending emails to this domain to try and elicit responses from the gateways and/or servers further along. Non-existent addresses, badly formed mail headers. There are a whole host of things that could be done that would answer all theses questions.

I’m just not going to be the one cuz I’m SCARED. If anyone were to notice… One call from these people, or whoever they get to take care of these thinks, to my school and I could be expelled instantly for “misuse” of my university’s network. Never mind the legal problems; I will have been kicked out of school 2 months from graduation. . I was kinda nervous even nmaping the gateways so… No thanx. Not me.
 

I can’t see anyway this doesn’t violate the Presidential Records Act.

Think about it this way. If you were corresponding via paper mail for official government business -- you walk outside the WH, mail a letter to a private address, with a private return address. This is the paper equivalent of what they are doing with email.

As for the Hatch Act, I haven’t studied the case law, but from a government issued pdf on Hatch.
http://www.osc.gov/documents/hatchact/ha_fed.pdf
page 5

>>May not use their official authority or influence to interfere with an election.
I think Joe covered this one well.

>> May not engage in political activity in any government office.
I don’t hear anyone suggesting that Rove or Gonzales walked out to a hotspot to send these emails.

So I think the 3rd possibility is that BOTH were violated. 