Daniel’s Stuff

Somewhere where I can muse about the things that interest me


A little further with the decompression routine

I’ve gotten just a little bit further with the decompression code :)



X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MTtTQ0w9MA==

X-Message-Status: n:0

X-SID-PRA: Daniel Parnell <me@danielparnell.com>

X-Message-Info: JGTYoYF78jHVrAq/T4xfKLLpTvwPwE0t6g/vyq6tyzbqln5iNnXwcSMg41wQCSulCxd5N8UB57Lq6un/ug7i0YsGX30yo+pm

Received: from randymail-a4.g.dreamhost.com ([208.97.132.207]) by bay0-mc8-f11.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668);

Thu, 29 Jan 2009 16:06:38 -0800

Received: from 192-168-1-101.tpgi.com.au (60-241-72-192.static.tpgi.com.au [60.241.72.192])

(using TLSv1 with cipher AES128-SHA (128/128 bits))

(No client certificate requested)

by randymail-a4.g.dreamhost.com (Postfix) with ESMTP id 97A67194DD3

for <danielparnell@live.com>; Thu, 29 Jan 2009 16:06:26 -0800 (PST)

Message-Id: <8EEE4310-25CC-47BE-8FCB-330EBCD75A21@danielparnell.com>

From: Daniel Parnell <me@danielparnell.com>

To: danielparnell@live.com

Content-Type: multipart/mixed; boundary=Apple-Mail-33--583770588

Mime-Version: 1.0 (Apple Message framework v930.3)

Subject: more test messages

Date: Fri, 30 Jan 2009 11:06:23 +1100

X-Mailer: Apple Mail (2.930.3)

Return-Path: me@danielparnell.com

X-OriginalArrivalTime: 30 Jan 2009 00:06:38.0411 (UTC) FILETIME=[9F1AB1B0:01C9826E]


The headers of the email message are coming through now, and I’m starting to get the message body.


More Windows Live decompression progress

I’ve not had much time recently to work on the decompression routines as family and work need to take priority over side projects…  Last night I picked the code up again and had a bit more of a look.  I found a couple of mistakes in the code I’d written and am now getting a bit further in the decompression :)

The expected results as before:

X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MTtTQ0w9MA==

X-Message-Status: n:0

X-SID-PRA: Daniel Parnell <me@danielparnell.com>

X-Message-Info: JGTYoYF78jHVrAq/T4xfKLLpTvwPwE0t6g/vyq6tyzbqln5iNnXwcSMg41wQCSulCxd5N8UB57Lq6un/ug7i0YsGX30yo+pm

Received: from randymail-a4.g.dreamhost.com ([208.97.132.207]) by bay0-mc8-f11.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668);

Thu, 29 Jan 2009 16:06:38 -0800

Received: from 192-168-1-101.tpgi.com.au (60-241-72-192.static.tpgi.com.au [60.241.72.192])

(using TLSv1 with cipher AES128-SHA (128/128 bits))

(No client certificate requested)

by randymail-a4.g.dreamhost.com (Postfix) with ESMTP id 97A67194DD3

for <danielparnell@live.com>; Thu, 29 Jan 2009 16:06:26 -0800 (PST)

Message-Id: <8EEE4310-25CC-47BE-8FCB-330EBCD75A21@danielparnell.com>

From: Daniel Parnell <me@danielparnell.com>

To: danielparnell@live.com

Content-Type: multipart/mixed; boundary=Apple-Mail-33--583770588

Mime-Version: 1.0 (Apple Message framework v930.3)

Subject: more test messages

Date: Fri, 30 Jan 2009 11:06:23 +1100

X-Mailer: Apple Mail (2.930.3)

Return-Path: me@danielparnell.com

X-OriginalArrivalTime: 30 Jan 2009 00:06:38.0411 (UTC) FILETIME=[9F1AB1B0:01C9826E]

What I’m getting now:

X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MTtTQ0w9MA==

X-Message-Status: n:0

X-SID-PRA: Daniel Parnell <me@danielparnell.com>

X-Message-Info: JGTYoYF78jHVrAq/T4xfKLLpTvwPwE0t6g/vyq6tyzbqln5iNnXwcSMg41wQCSulCxd5N8UB57Lq6un/ug7i0YsGX30yo+pm

Received: from randymail-a4.g.dreamhost.com ([208.97.132.207]) by bay0-mc8-f11.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668);

Thu, 29 Jan 2009 16:06:38 -0800

Received: from 192-168-1-101.tpgi.com.au (60-241-72-192.static.tpgi.com.au [60.241.72.192])

(using TLSv1 with cipher AES128-SHA (128/128 bits))

(No client certificate requested)

by 


Hopefully I’ll get some more time to work on the code soon :)


Windows Live compression update

I had a bit of time yesterday to spend working on the Windows Live compression reverse engineering.  I successfully decompressed around 20 bytes.  The previous record was 2 bytes ;)  There are two parts to the compression.  First is the compressed data and the second is pointers back into decompressed data.  The compressed data is working quite well, but the pointers to repeated blocks that have already been decompressed are off a little so I see some correct data and some rubbish.  Hopefully I’ll get some more time in the next couple of days to work on it some more.
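The symptom described above (literals decode correctly, back-pointers land slightly off) can be reproduced with a toy decoder. This is an added example, not code from this project and not the Windows Live format: the token layout, the `distance_bias` parameter and the sample stream are assumptions constructed for illustration. It also shows the bounds check any back-reference decoder needs before trusting a pointer from the stream.

```python
# Added illustration: a toy LZ77-style stream, NOT the Windows Live format.
# Token layout is an assumption made for this example:
#   ("lit", bytes)            -> copy bytes straight to the output
#   ("ref", distance, length) -> copy `length` bytes starting `distance`
#                                bytes back in the already-decoded output

def decode(tokens, distance_bias=0, max_out=1 << 20):
    """Decode tokens; distance_bias simulates a mis-decoded pointer."""
    out = bytearray()
    for tok in tokens:
        if tok[0] == "lit":
            out += tok[1]
        elif tok[0] == "ref":
            distance, length = tok[1] + distance_bias, tok[2]
            # A pointer must land inside data already produced; without this
            # check a malformed stream reads outside the output buffer.
            if not 1 <= distance <= len(out):
                raise ValueError(f"bad distance {distance} at offset {len(out)}")
            if len(out) + length > max_out:
                raise ValueError("output limit exceeded")
            start = len(out) - distance
            # Byte-by-byte so overlapping copies (length > distance) work.
            for i in range(length):
                out.append(out[start + i])
        else:
            raise ValueError(f"unknown token {tok[0]!r}")
        if len(out) > max_out:
            raise ValueError("output limit exceeded")
    return bytes(out)

# Constructed sample: two header lines sharing the "X-Message-" prefix.
SAMPLE = [
    ("lit", b"X-Message-Delivery: a\r\n"),
    ("ref", 23, 10),            # points back at "X-Message-"
    ("lit", b"Status: n:0\r\n"),
]

def common_prefix_len(a, b):
    """Number of leading bytes on which a and b agree."""
    n = 0
    while n < min(len(a), len(b)) and a[n] == b[n]:
        n += 1
    return n

if __name__ == "__main__":
    good = decode(SAMPLE)
    skewed = decode(SAMPLE, distance_bias=-1)   # pointer off by one
    print(good)
    print(skewed)
    print("first divergence at byte", common_prefix_len(good, skewed))
```

With the pointer off by one, the first line and the trailing literal still come out right and only the copied run is wrong, which is the "some correct data and some rubbish" pattern.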


OS X 10.5.6

As many people are aware, Apple released Mac OS X 10.5.6 yesterday.  Unfortunately this broke the HttpMail plugin :(  After a little bit of poking around I found and fixed the problem.  The result is a new release of the plugin, 1.53.

Head on over to my downloads site at http://www.automagic-software.com/

Now, for a status report on Windows Live Mail reverse engineering.  I am still making progress.  I’m not getting as much time to work on it as I would like these days due to having two small children ;)  If anybody wants to donate a copy of the Hex-Rays decompiler then I imagine things would progress much faster ;)

Windows Live Mail

Just a quick note to let everybody know that I’m making good progress reverse engineering the Windows Live Mail protocol.  With the help of a couple of other people I’ve managed to determine the nature of the compression used on the message data.  We’ve successfully managed to build the decompression table and I’m now working through the routine to do the actual decompression.  IDA Pro is an amazing piece of software and I highly recommend it if you ever need to do any reverse engineering of compiled programs.


HTTPMail 1.52 released

I’ve received quite a lot of email about 10.5.3 breaking the plugin, and finally got around to looking into it today. I have uploaded a new version of the plugin that seems to work for me ;)
As always the latest version can be grabbed from my downloads page.
