Re: Potential disclosure of sensitive information in Netscape 7.0 email client

[Bartek Raszczyk <crayfish () underground org pl>]

Hello Michael,

Wednesday, January 1, 2003, 12:19:49 PM, you wrote:

MP> Netscape 7.0 includes, as part of it's release, an email client, capable of
MP> handling POP3 and IMAP accounts. The method that the email client utilizes
MP> to permanently delete email messages is not explained, which could lead to
MP> users having large quantities of email messages, which they would think of
MP> as permanently deleted, still stored in clear text on their hard disks.

      The same applies to Ritlab's The Bat! (up to version 1.60c i'm
      currently using).

      The Bat! stores all of the messages in
      $thebathome\mail\$accountname\$foldername\Messages.tbb and
      status information in Messages.tbi (without customization and
      message filtering all mail goes to $foldername named inbox).
      All messages remain there until Folder|Compress function is used.

      The question is - is that a feature or a bug?
      I'm using The Bat! for nearly three years now and it's there
      from where I can remember (although there were dozen or so version changes).


-- 
Best regards,
 Bartek Raszczyk                           mailto:crayfish () underground org pl