RE: [Full-Disclosure] a question about e-mails

• Previous message: Remko Lodder: "RE: [Full-Disclosure] Need help in performing a remote vulnerabilityscan"
• Maybe in reply to: ASLI Unur: "[Full-Disclosure] a question about e-mails"
• Next in thread: Remko Lodder: "RE: [Full-Disclosure] a question about e-mails"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: full-disclosure@lists.netsys.com
Date: Fri, 27 Feb 2004 16:06:43 +0100

Of course you can see that on the SENDING end ...
Not on the receiving end though ...

-----Original Message-----
From: Nico Golde [mailto:nion@gmx.net]
Sent: donderdag 26 februari 2004 14:36
To: full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] a question about e-mails

Hallo Chris,

* Chris Smith <chris.rs@xtra.co.nz> [2004-02-26 13:50]:
> > I have a question for it experts. I want to learn if there is any way of
> > understanding/finding the e-mail addresses at BCC part on an e-mail that
is
> > send to you.
> >
> > Thanks for your consideration.
>
> Um, AFAIK the headers are stripped by the MTA on delivery to recipients
> (except perhaps the recipient who was listed in the BCC field, but I'm not

> sure and will most likely vary between MTA).
>
> I'm sure the SMTP RFC would probably help out on this.

I tested it on my system.
i send a mail to nico and bcc root.
here is the mail header:
        From nion@gmx.net Thu Feb 26 14:28:30 2004
        Return-Path: nion@gmx.net
        Received: by
                via sendmail from stdin
                id <m1AwLZ0-001n35C@ngolde.de> (Debian Smail3.2.0.114)
                Thu, 26 Feb 2004 14:28:30 +0100 (CET)
        Date: Thu, 26 Feb 2004 14:28:30 +0100
        From: Nico Golde <nion@gmx.net>
        To: nico
        Bcc: root

^^^^^^^^^
here is the bcc line

        Subject: test
        Message-ID: <20040226132830.GA829@ngolde.de>

[...]
regards nico

-- 
Nico Golde nico <at> ngolde <dot> de
public key available on:
http://www.ngolde.de/gpg.html
echo "[q]sa[ln0=aln256%Pln256/snlbx]sb729901041524823122snlbxq"|dc
===========================================================
De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is alleen
bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt,
wordt u verzocht de inhoud niet te gebruiken en de afzender direct te
informeren door het bericht te retourneren. Hoewel Orange maatregelen heeft
genomen om virussen in deze email of attachments te voorkomen, dient u ook
zelf na te gaan of virussen aanwezig zijn aangezien Orange niet
aansprakelijk is voor computervirussen die veroorzaakt zijn door deze
email..
The information contained in this message may be confidential and is
intended to be only for the addressee. Should you receive this message
unintentionally, please do not use the contents herein and notify the sender
immediately by return e-mail. Although Orange has taken steps to ensure that
this email and attachments are free from any virus, you do need to verify
the possibility of their existence as Orange can take no responsibility for
any computer virus which might be transferred by way of this email.
===========================================================
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

• Previous message: Remko Lodder: "RE: [Full-Disclosure] Need help in performing a remote vulnerabilityscan"
• Maybe in reply to: ASLI Unur: "[Full-Disclosure] a question about e-mails"
• Next in thread: Remko Lodder: "RE: [Full-Disclosure] a question about e-mails"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]