Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:Email body is NOT private (Score 1) 352

by huiac (#21154769) Attached to: US Democrats Accidentally Publish Whistleblowers' Email Addresses
You misunderstand how BCCs (or perhaps the SMTP envelope) works.

BCC, like any email header, is part of the email body, and is likely to be preserved as part of the email body until 'final delivery', at which point it *may* be removed by the MTA. I say *may*, because what constitutes final delivery isn't as well-defined as you might suppose (think procmail or fetchmail), and MTAs may be configured to preserve Bcc for the benefit of users/downstream mail systems. And *any* MTA that handles a copy of the message may see the BCC header, as it isn't guaranteed to be removed until delivery, if at all.

The SMTP envelope is what actually determines routing in a pure SMTP system, and MUAs typically construct the SMTP envelope from the email body when talking to whatever SMTP agent you configure them to use - but this isn't always the case (think mailing lists). Additionally, the SMTP envelope only carries those addresses you're asking the SMTP server to route - if you're the originating MUA that's every addressee, but if you're a recipient's MTA that's only the addresses you're expected to actually deliver to.

A further wrinkle, which I glossed over in my original post, involves the 'Received from' headers that each MTA will add to the meesage - if they are receiving the message for a single recipient this will generally include the recipient address, so for best security (i.e., to protect the recipient's identity even if someone third party stumbled across a copy of the message including all headers, as it was deliviered to the anonymous recipient) you'd ideally want them to have two separate mailboxes on the same mail system, and send it to both - that way the 'Received from' headers would nwever contain an actual recipient address.

John.

"It ain't so much the things we don't know that get us in trouble. It's the things we know that ain't so." -- Artemus Ward aka Charles Farrar Brown

Working...