Some versions of popper and qpopper from qualcomm allow you to read other peoples email. There are quite a few situations in which you need your mail spool directory chmodded 1777. If you have local users on a machine with the mail spool directory, they can create symbolic links from the temporary pop drop box to a file that they can read. See if youre vulnerable: 1) touch /tmp/lumpy; chmod 777 /tmp/lumpy 2) ln -s /tmp/lumpy /var/mail/.luser.pop 3) wait for them to check their email. 4) while they are reading it from the pop server, look at the file in the tmp dir. Apparently it is fixed in the newest version.