Re: "for" clause on Received: header field

ietf-smtp

Re: "for" clause on Received: header field

2007-04-30 08:59:09


Kari Hurtta wrote:

        If mail have just one envelope recipient and
        that is copied to "for" clause, that does not disclose
        possible Bcc: recipients (only possible BCC recipient
        for that copy of mail is just that recipient of mail.)


This is what Sendmail does by default, I believe.  It only includes
the for clause if there's one envelope recipient.

However, it could still be an information leak if the single envelope
recipient is a mailing list.  For example:

Received: ... for 
<unsuspecting_people_to_be_fired_in_two_weeks(_at_)example(_dot_)org>

Contrived, I know. :-)

Regards,

David.

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Issue list, (continued) Re: Issue list, John C Klensin Re: Issue list, Frank Ellermann Re: Issue list, John C Klensin Re: Issue list, Tony Hansen Re: Issue list, John C Klensin General-Address-Literal (was: Issue list), Frank Ellermann **"for" clause on

Previous by Date:	Re: "for" clause on Received: header field, Kari Hurtta
Next by Date:	Re: Recap Issues 0b/21/25, John Leslie
Previous by Thread:	Re: "for" clause on Received: header field, Kari Hurtta
Next by Thread:	Re: "for" clause on Received: header field, ned+ietf-smtp
Indexes:	[Date] [Thread] [Top] [All Lists]