Full Disclosure mailing list archives

Re: a question about e-mails


From: Dave Sherohman <esper () sherohman org>
Date: Fri, 27 Feb 2004 10:24:42 -0600

On Fri, Feb 27, 2004 at 10:16:43AM -0500, Pamela Patterson wrote:
> OK, you tell me who this was bcc'ed to, and I'll believe you.  I can't
> get the bcc to show in the headers even if I sit at the command line of
> the mail server and type "mail foo -b bar" when both foo and bar are
> local addresses.  I can see the bcc info in the message when it's in the
> Postfix queue, but not once it is delivered.
>
> Maybe what you did only works when you are using sendmail and reading
> the mail on the same machine it was composed on.

No, actually I suspect that it works (or, rather, doesn't work)
because he _isn't_ using sendmail.  Note in Nico's headers that he is
using mutt on a Debian system.  Debian's default MTA is exim.
According to my (Debian-supplied) /etc/Muttrc,

# Exim does not remove Bcc headers
unset write_bcc

Therefore, if he is using exim and has customized his /etc/Muttrc and
~/.muttrc such that write_bcc is being left at its apparent default
of being on, then, yes, he probably is leaking Bcc information.  This
is, however, a flaw in his particular combination of MUA and MTA, not
standard behaviour.

-- 
The freedoms that we enjoy presently are the most important victories of the
White Hats over the past several millennia, and it is vitally important that
we don't give them up now, only because we are frightened.
  - Eolake Stobblehouse (http://stobblehouse.com/text/battle.html)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
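
The split this post turns on, between the envelope recipient list and a Bcc header written into the message itself, shown as an added example that is not part of the original post. The function names and the sample message are constructed for illustration; the first function does what either the MUA or the MTA has to do before delivery, and the second checks a delivered message for the leak.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed sample: a message as an MUA that writes Bcc headers
# (mutt with write_bcc set) would hand it to the MTA.
SAMPLE = """\
From: alice@example.org
To: foo@example.org
Bcc: bar@example.org, Baz <baz@example.net>
Subject: test

body
"""

def split_envelope_and_headers(raw):
    """Return (envelope_recipients, message_text_without_bcc).

    Bcc recipients stay in the envelope so they still receive the mail,
    but the Bcc header is dropped from what every recipient sees.
    """
    msg = message_from_string(raw)
    fields = []
    for name in ("To", "Cc", "Bcc"):          # header names match case-insensitively
        fields.extend(msg.get_all(name, []))
    rcpts = [addr for _, addr in getaddresses(fields) if addr]
    del msg["Bcc"]                            # removes every Bcc header; no error if absent
    return rcpts, msg.as_string()

def leaked_bcc(delivered_raw):
    """Addresses exposed through Bcc headers in a delivered message."""
    msg = message_from_string(delivered_raw)
    return [addr for _, addr in getaddresses(msg.get_all("Bcc", [])) if addr]

if __name__ == "__main__":
    rcpts, clean = split_envelope_and_headers(SAMPLE)
    print("envelope recipients:", rcpts)
    print("leak if delivered unmodified:", leaked_bcc(SAMPLE))
    print("leak after stripping:", leaked_bcc(clean))
```

Running `leaked_bcc` over a test message sent to yourself with a Bcc recipient shows whether a given MUA and MTA combination strips the header.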

