[plug] PLUG headers revealing email addresses

Leon Wright techman83 at gmail.com
Thu Feb 27 03:36:40 UTC 2014 

Nice work investigating this James/Krystin. Keep us posted on how it pans
out. If the mailing list needs some tweaking to avoid it occurring, I'll
discuss it with the admin team.

Leon

--
DRM 'manages access' in the same way that jail 'manages freedom.'

# cat /dev/mem | strings | grep -i cats
Damn, my RAM is full of cats... MEOW!!


On Wed, Feb 26, 2014 at 10:13 PM, Steve Boak <sboak at westnet.com.au> wrote:

> On 26/02/14 20:16, Krystin Dix wrote:
>
>> Hey Steve,
>>
>> I will pass this on to the guys responsible and see what they say. (I
>> currently work for iiNet / Westnet Hosting).
>>
>> It is interesting to see that it is done this way. If you wouldn't mind
>> forwarding me off list the exact headers received to
>> kdix at staff.iinet.net.au and I will come back here with a response.
>>
>
> Done
>
>
>  Thanks
>> Krystin Dix
>>
>> -----Original Message-----
>> From: plug [mailto:plug-bounces at plug.org.au] On Behalf Of Steve Boak
>> Sent: Wednesday, February 26, 2014 6:58 PM
>> To: plug at plug.org.au
>> Subject: Re: [plug] PLUG headers revealing email addresses
>>
>> On 26/02/14 14:37, James Henstridge wrote:
>>
>>> On Mon, Feb 24, 2014 at 9:36 AM, Steve Boak <sboak at westnet.com.au>
>>> wrote:
>>>
>>>> Hi
>>>>
>>>> I just happened to be looking through the source of a plug list
>>>> message and saw this in the headers (and yes, my address  is one of
>>>> them)
>>>>
>>>> X-Envelope-To: bxxx at westnet.com.au, bxxx at westnet.com.au,
>>>> cxxx at westnet.com.au,
>>>>    gxxx at westnet.com.au, gxxx at westnet.com.au, jxxx at westnet.com.au,
>>>>    mxxx at westnet.com.au, mxxx at westnet.com.au, nxxx at westnet.com.au,
>>>>    rxxx at westnet.com.au, sxxx at westnet.com.au, vxxx at westnet.com.au,
>>>>    wxxx at westnet.com.au
>>>>
>>>> I've anonymised them of course, but interesting to note that it's
>>>> only westnet addresses showing up here. Is this an artefact of the
>>>> way the list mailer groups it's send list?
>>>>
>>>> Can these be hidden in some way, or is that just the way the list works?
>>>>
>>> Hi Steve,
>>>
>>> I don't see that header in any of the PLUG messages in my archive.
>>> Given that the addresses you've listed are all @westnet.com.au, is it
>>> possible that the header is being added by your ISP?  The ordering of
>>> the header relative to the "Received" headers might give a clue about
>>> whether this is the case.
>>>
>>> When sending bulk mail (such as mailing list traffic), it isn't
>>> uncommon to group the delivery in this way to cut down on traffic.
>>> There may be an option in mailman to deliver messages independently,
>>> but it is really the ISP that is leaking the information to you.
>>>
>>> James.
>>>
>> Hi James
>>
>> The adding of the X-Envelope-To header with multiple westnet addresses
>> started on the 1st of February (this year), and every email I have received
>> directly from the plug list since then has it. Emails which are addressed
>> to me and cc'ed to the plug list (such as your email above) don't, even
>> though they are delivered to the same addresses.
>>
>> Thanks for the tip about the ordering of headers - the extract below
>> seems to indicate that it is iinet's mail server at fault.
>>
>> X-IronPort-AV: E=Sophos;i="4.97,527,1389715200";
>> d="scan'208";a="185453217"
>> X-Envelope-To: bxxx at westnet.com.au, bxxx at westnet.com.au,
>> cxxx at westnet.com.au, gxxx at westnet.com.au, gxxx at westnet.com.au,
>> jxxx at westnet.com.au, mxxx at westnet.com.au, mxxx at westnet.com.au,
>> nxxx at westnet.com.au, rxxx at westnet.com.au, sxxx at westnet.com.au,
>> vxxx at westnet.com.au, wxxx at westnet.com.au
>> Received: from unknown (HELO power.plug.org.au) ([54.252.97.56]) by
>> icp-osb-irony-in14.iinet.net.au with ESMTP; 23 Feb 2014 10:51:27 +0800
>> Received: from power.plug.org.au (localhost [IPv6:::1]) by
>> power.plug.org.au (Postfix) with ESMTP id 9D0965D489; Sun, 23 Feb 2014
>> 02:54:04 +0000 (UTC)
>> X-Original-To: plug at plug.org.au
>>
>> I'll approach Westnet for an explanation.
>>
>> Steve
>>
>> _______________________________________________
>> PLUG discussion list: plug at plug.org.au
>> http://lists.plug.org.au/mailman/listinfo/plug
>> Committee e-mail: committee at plug.org.au
>> PLUG Membership: http://www.plug.org.au/membership
>>
>
>
> --
> Steve Boak, (08) 9756 0662, P.O. Box 240, Nannup, WA 6275
> Engin VOIP number (08) 6461 6187 (local number in Perth)
> Photos http://www.flickr.com/photos/jalbarragup_artworks/
>
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://lists.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.org.au
> PLUG Membership: http://www.plug.org.au/membership
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.plug.org.au/pipermail/plug/attachments/20140227/6dda79fb/attachment.html>

More information about the plug mailing list