lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1068933851.4518.13.camel@localhost>
From: khermansen at ht-technology.com (Kristian Hermansen)
Subject: SPAM and "undisclosed recipients"

On Sat, 2003-11-15 at 12:22, Jason DiCioccio wrote:
> Kristian,
>   What you are seeing is that you were BCC'd on the message.  In the 
> process of an email transaction there are multiple times at which 
> recipients are specified.  There is one at the sender's mailserver, where 
> he specifies every recipient that is going to receive his message.  He does 
> this in the form of 'MAIL TO: <email@...ress>' and repeats it until all of 
> the recipients have been listed.  The mail server then takes that 
> information and connects to all the mail servers it must connect to in 
> order to deliver the message to all of the recipients that the sender 
> specified.  Now, as for what you see in your mail client:  That is the To: 
> and CC: headers.  They are specified in the actual message data and are 
> independent of the recipient information that the sender sends to his mail 
> server.  So, the definition of a BCC (Blind Carbon Copy) really is just a 
> recipient that does not get listed in the message header.  Instead, it is 
> only sent to the mail server as part of the MAIL TO: command sequences. 
> The most information you will likely be able to retrieve about who received 
> the message is from your Received: headers.  You should be able to tell 
> from there (depending on the mail server) which alias or address the sender 
> actually specified when he attempted to send the message.  This can be 
> handy if you have multiple aliases and are wondering which one the spam is 
> getting to.
> 
> Hope this helped.
> 
> Regards,
> -JD-
> 
> --On Saturday, November 15, 2003 11:10 AM -0500 Kristian Hermansen 
> <khermansen@...technology.com> wrote:
> 
> >
> >
> > I have a small question about SPAM emails that are sent to "undisclosed
> > recipients".  Does this just mean that the server stripped the header
> > before sending it to my account?  I don't understand how it could make it
> > to my server, let alone my email account, if nothing was specified.  Does
> > this raise any security issues?
> >
> >
> >
> >
> >
> > Kristian Hermansen
> >
> > CEO - H&T Technology Solutions
> >
> > khermansen@...technology.com
> >
> >
> 
> 
> 
> 

Yeah, that's exactly what I needed to know.  I have about 5 email
accounts that I regulary check, but some SPAM came in this way and was
hard to determine which account it went to.  By checking the received
header more carefully I was able to determine it.  When the hell are we
going to have a new RFC that eliminates the possibility of SPAM and
makes it secure by default?  Is it really that difficult?

Kris Hermansen


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ