Full Disclosure mailing list archives
Re: SPAM and "undisclosed recipients"
From: Kristian Hermansen <khermansen () ht-technology com>
Date: Sat, 15 Nov 2003 17:04:13 -0500
On Sat, 2003-11-15 at 12:22, Jason DiCioccio wrote:
Kristian, What you are seeing is that you were BCC'd on the message. In the process of an email transaction there are multiple times at which recipients are specified. There is one at the sender's mailserver, where he specifies every recipient that is going to receive his message. He does this in the form of 'MAIL TO: <email@address>' and repeats it until all of the recipients have been listed. The mail server then takes that information and connects to all the mail servers it must connect to in order to deliver the message to all of the recipients that the sender specified. Now, as for what you see in your mail client: That is the To: and CC: headers. They are specified in the actual message data and are independent of the recipient information that the sender sends to his mail server. So, the definition of a BCC (Blind Carbon Copy) really is just a recipient that does not get listed in the message header. Instead, it is only sent to the mail server as part of the MAIL TO: command sequences. The most information you will likely be able to retrieve about who received the message is from your Received: headers. You should be able to tell from there (depending on the mail server) which alias or address the sender actually specified when he attempted to send the message. This can be handy if you have multiple aliases and are wondering which one the spam is getting to. Hope this helped. Regards, -JD- --On Saturday, November 15, 2003 11:10 AM -0500 Kristian Hermansen <khermansen () ht-technology com> wrote:I have a small question about SPAM emails that are sent to "undisclosed recipients". Does this just mean that the server stripped the header before sending it to my account? I don't understand how it could make it to my server, let alone my email account, if nothing was specified. Does this raise any security issues? Kristian Hermansen CEO - H&T Technology Solutions khermansen () ht-technology com
Yeah, that's exactly what I needed to know. I have about 5 email accounts that I regulary check, but some SPAM came in this way and was hard to determine which account it went to. By checking the received header more carefully I was able to determine it. When the hell are we going to have a new RFC that eliminates the possibility of SPAM and makes it secure by default? Is it really that difficult? Kris Hermansen _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- SPAM and "undisclosed recipients" Kristian Hermansen (Nov 15)
- Re: SPAM and "undisclosed recipients" Valdis . Kletnieks (Nov 15)
- Re: SPAM and "undisclosed recipients" Jason DiCioccio (Nov 15)
- Re: SPAM and "undisclosed recipients" Kristian Hermansen (Nov 15)
- RE: SPAM and "undisclosed recipients" Steve Wray (Nov 15)
- RE: SPAM and "undisclosed recipients" Jonathan A. Zdziarski (Nov 15)
- RE: SPAM and "undisclosed recipients" Kristian Hermansen (Nov 15)
- RE: SPAM and "undisclosed recipients" Scott Taylor (Nov 15)
- Re: SPAM and "undisclosed recipients" Michael Gale (Nov 15)
- RE: SPAM and "undisclosed recipients" Jonathan A. Zdziarski (Nov 15)
- Re: SPAM and "undisclosed recipients" Kristian Hermansen (Nov 15)