Re: [Full-Disclosure] SPAM and "undisclosed recipients"
Valdis.Kletnieks_at_vt.edu
Date: 11/15/03
- Previous message: Valdis.Kletnieks_at_vt.edu: "Re: [Full-Disclosure] SSH Exploit Request"
- In reply to: Kristian Hermansen: "[Full-Disclosure] SPAM and "undisclosed recipients""
- Next in thread: Jason DiCioccio: "Re: [Full-Disclosure] SPAM and "undisclosed recipients""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Kristian Hermansen <khermansen@ht-technology.com> Date: Sat, 15 Nov 2003 12:07:53 -0500
On Sat, 15 Nov 2003 11:10:37 EST, Kristian Hermansen <khermansen@ht-technology.com> said:
> I have a small question about SPAM emails that are sent to "undisclosed
> recipients". Does this just mean that the server stripped the header before
> sending it to my account? I don't understand how it could make it to my
> server, let alone my email account, if nothing was specified. Does this
> raise any security issues?
Mail is actually routed via the RFC821/2821 MAIL FROM and RCPT TO commands, not
by the RFC822/2822 From:/To:/cc:/Bcc: lines. Think - mail from this list gets to you
even though you're not in the To: line. :)
"undisclosed recipients" just means that somebody/something decided to add into
the rfc822 headers the fact that the mail was bcc'ed to multiple people.
See rfc2822, sections 3.6.3 and 5 about bcc: for more details on this.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- application/pgp-signature attachment: stored
- Previous message: Valdis.Kletnieks_at_vt.edu: "Re: [Full-Disclosure] SSH Exploit Request"
- In reply to: Kristian Hermansen: "[Full-Disclosure] SPAM and "undisclosed recipients""
- Next in thread: Jason DiCioccio: "Re: [Full-Disclosure] SPAM and "undisclosed recipients""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
