[plug] PLUG headers revealing email addresses
sboak at westnet.com.au
Wed Feb 26 14:13:46 UTC 2014
On 26/02/14 20:16, Krystin Dix wrote:
> Hey Steve,
> I will pass this on to the guys responsible and see what they say. (I currently work for iiNet / Westnet Hosting).
> It is interesting to see that it is done this way. If you wouldn't mind forwarding me off list the exact headers received to kdix at staff.iinet.net.au and I will come back here with a response.
> Krystin Dix
> -----Original Message-----
> From: plug [mailto:plug-bounces at plug.org.au] On Behalf Of Steve Boak
> Sent: Wednesday, February 26, 2014 6:58 PM
> To: plug at plug.org.au
> Subject: Re: [plug] PLUG headers revealing email addresses
> On 26/02/14 14:37, James Henstridge wrote:
>> On Mon, Feb 24, 2014 at 9:36 AM, Steve Boak <sboak at westnet.com.au> wrote:
>>> I just happened to be looking through the source of a plug list
>>> message and saw this in the headers (and yes, my address is one of
>>> X-Envelope-To: bxxx at westnet.com.au, bxxx at westnet.com.au,
>>> cxxx at westnet.com.au,
>>> gxxx at westnet.com.au, gxxx at westnet.com.au, jxxx at westnet.com.au,
>>> mxxx at westnet.com.au, mxxx at westnet.com.au, nxxx at westnet.com.au,
>>> rxxx at westnet.com.au, sxxx at westnet.com.au, vxxx at westnet.com.au,
>>> wxxx at westnet.com.au
>>> I've anonymised them of course, but interesting to note that it's
>>> only westnet addresses showing up here. Is this an artefact of the
>>> way the list mailer groups it's send list?
>>> Can these be hidden in some way, or is that just the way the list works?
>> Hi Steve,
>> I don't see that header in any of the PLUG messages in my archive.
>> Given that the addresses you've listed are all @westnet.com.au, is it
>> possible that the header is being added by your ISP? The ordering of
>> the header relative to the "Received" headers might give a clue about
>> whether this is the case.
>> When sending bulk mail (such as mailing list traffic), it isn't
>> uncommon to group the delivery in this way to cut down on traffic.
>> There may be an option in mailman to deliver messages independently,
>> but it is really the ISP that is leaking the information to you.
> Hi James
> The adding of the X-Envelope-To header with multiple westnet addresses started on the 1st of February (this year), and every email I have received directly from the plug list since then has it. Emails which are addressed to me and cc'ed to the plug list (such as your email above) don't, even though they are delivered to the same addresses.
> Thanks for the tip about the ordering of headers - the extract below seems to indicate that it is iinet's mail server at fault.
> X-IronPort-AV: E=Sophos;i="4.97,527,1389715200"; d="scan'208";a="185453217"
> X-Envelope-To: bxxx at westnet.com.au, bxxx at westnet.com.au, cxxx at westnet.com.au, gxxx at westnet.com.au, gxxx at westnet.com.au, jxxx at westnet.com.au, mxxx at westnet.com.au, mxxx at westnet.com.au, nxxx at westnet.com.au, rxxx at westnet.com.au, sxxx at westnet.com.au, vxxx at westnet.com.au, wxxx at westnet.com.au
> Received: from unknown (HELO power.plug.org.au) ([126.96.36.199]) by icp-osb-irony-in14.iinet.net.au with ESMTP; 23 Feb 2014 10:51:27 +0800
> Received: from power.plug.org.au (localhost [IPv6:::1]) by power.plug.org.au (Postfix) with ESMTP id 9D0965D489; Sun, 23 Feb 2014
> 02:54:04 +0000 (UTC)
> X-Original-To: plug at plug.org.au
> I'll approach Westnet for an explanation.
> PLUG discussion list: plug at plug.org.au
> Committee e-mail: committee at plug.org.au
> PLUG Membership: http://www.plug.org.au/membership
Steve Boak, (08) 9756 0662, P.O. Box 240, Nannup, WA 6275
Engin VOIP number (08) 6461 6187 (local number in Perth)
More information about the plug