[plug] PLUG headers revealing email addresses

Steve Boak sboak at westnet.com.au
Wed Feb 26 10:57:31 UTC 2014 

On 26/02/14 14:37, James Henstridge wrote:
> On Mon, Feb 24, 2014 at 9:36 AM, Steve Boak <sboak at westnet.com.au> wrote:
>> Hi
>>
>> I just happened to be looking through the source of a plug list message and
>> saw this in the headers (and yes, my address  is one of them)
>>
>> X-Envelope-To: bxxx at westnet.com.au, bxxx at westnet.com.au,
>> cxxx at westnet.com.au,
>>   gxxx at westnet.com.au, gxxx at westnet.com.au, jxxx at westnet.com.au,
>>   mxxx at westnet.com.au, mxxx at westnet.com.au, nxxx at westnet.com.au,
>>   rxxx at westnet.com.au, sxxx at westnet.com.au, vxxx at westnet.com.au,
>>   wxxx at westnet.com.au
>>
>> I've anonymised them of course, but interesting to note that it's only
>> westnet addresses showing up here. Is this an artefact of the way the list
>> mailer groups it's send list?
>>
>> Can these be hidden in some way, or is that just the way the list works?
> Hi Steve,
>
> I don't see that header in any of the PLUG messages in my archive.
> Given that the addresses you've listed are all @westnet.com.au, is it
> possible that the header is being added by your ISP?  The ordering of
> the header relative to the "Received" headers might give a clue about
> whether this is the case.
>
> When sending bulk mail (such as mailing list traffic), it isn't
> uncommon to group the delivery in this way to cut down on traffic.
> There may be an option in mailman to deliver messages independently,
> but it is really the ISP that is leaking the information to you.
>
> James.

Hi James

The adding of the X-Envelope-To header with multiple westnet addresses 
started on the 1st of February (this year), and every email I have 
received directly from the plug list since then has it. Emails which are 
addressed to me and cc'ed to the plug list (such as your email above) 
don't, even though they are delivered to the same addresses.

Thanks for the tip about the ordering of headers - the extract below 
seems to indicate that it is iinet's mail server at fault.

X-IronPort-AV: E=Sophos;i="4.97,527,1389715200"; d="scan'208";a="185453217"
X-Envelope-To: bxxx at westnet.com.au, bxxx at westnet.com.au, 
cxxx at westnet.com.au,
gxxx at westnet.com.au, gxxx at westnet.com.au, jxxx at westnet.com.au,
mxxx at westnet.com.au, mxxx at westnet.com.au, nxxx at westnet.com.au,
rxxx at westnet.com.au, sxxx at westnet.com.au, vxxx at westnet.com.au,
wxxx at westnet.com.au
Received: from unknown (HELO power.plug.org.au) ([54.252.97.56]) by 
icp-osb-irony-in14.iinet.net.au with ESMTP; 23 Feb 2014 10:51:27 +0800
Received: from power.plug.org.au (localhost [IPv6:::1]) by 
power.plug.org.au (Postfix) with ESMTP id 9D0965D489; Sun, 23 Feb 2014 
02:54:04 +0000 (UTC)
X-Original-To: plug at plug.org.au

I'll approach Westnet for an explanation.

Steve

More information about the plug mailing list