
Re: Serious information leak in Ximian Evolution



Thierry Florac said:
> On Sat, 2003-01-18 at 15:07, Søren Boll Overgaard wrote:
> > It is not the job of evolution to hide Bcc recipients, that is the job
> > of the SMTP-server being used.
> > Bcc recipient specification in evolution is just a nice way of
> > specifying addresses to be included in rcpt to: smtp commands, which are
> > not included in either the cc: or to: headers.
> > 
> > It is the job of the smtp-server to remove any bcc: headers in email
> > messages.
> 
> After reading RFC2822, which discusses the "Internet Message Format", it
> seems that things are not so clear, and that it's very implementation
> dependent !!  And it's never discussed in any way that it's the SMTP
> server's job to rebuild messages and delete such headers...
> Anyway, this made Balsa maintainers modify their "Bcc"
> implementation...

Hmm. It may depend on how exim / sendmail / whatever is being called.

The exim man page says this:

       -t     When Exim is receiving a  locally-generated,  non-SMTP
              message on the current input, the -t option causes the
              recipients of the message to be obtained from the To:,
              Cc:,  and  Bcc: headers in the message instead of from
              the command arguments.  The  addresses  are  extracted
              before any rewriting takes place.

              If  there  are  in  fact  any  arguments, they specify
              addresses to which the message is not to be delivered.
              That  is,  the argument addresses are removed from the
              recipients list obtained from  the  headers.  This  is
              compatible  with  Smail  3  and in accordance with the
              documented behaviour of Sendmail. However, it has been
              reported that in some versions at least, Sendmail adds
              argument addresses to those obtained from the headers.
              Exim  can be made to behave in this way by setting the
              option extract_addresses_remove_arguments false.

              If a Bcc: header is present, it is  removed  from  the
              message unless there is no To: or Cc: header, in which
              case a Bcc: header with no data is created, in
              accordance with RFC 822.

Most of the MUAs that I have seen use the -t option. As far as I can
recall, sendmail has the exact same behavior. If someone familiar with
evolution source can check how sendmail is called we will know for sure
that it's being called correctly.

Looking at the evolution config, you have the option of choosing SMTP or
Sendmail as a delivery method.  Are you sure you are using sendmail and
not smtp?
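The -t behaviour quoted from the exim man page, modelled in Python as an added example (this is not code from the thread, from Evolution or from Exim). It builds the recipient list from To:/Cc:/Bcc:, applies the argument-address rule in both settings of extract_addresses_remove_arguments, strips the Bcc: header, and includes a check a defender can run on the outgoing text to confirm no Bcc address survives. The sample message and all addresses are constructed.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed sample: the kind of message an MUA would hand to "sendmail -t".
SAMPLE_MESSAGE = """\
From: alice@example.org
To: bob@example.org
Cc: carol@example.org
Bcc: dave@example.org, erin@example.org
Subject: constructed sample

body
"""


def process_dash_t(raw, arg_addresses=(), remove_arguments=True):
    """Model of the documented -t handling.

    Returns (recipients, outgoing_text): the envelope recipients the MTA
    would use, and the message text as it would leave the MTA.
    remove_arguments mirrors extract_addresses_remove_arguments.
    """
    msg = message_from_string(raw)
    # Recipients come from the To:, Cc: and Bcc: headers, not from the
    # command arguments (addresses are taken before any rewriting).
    fields = [v for h in ("To", "Cc", "Bcc")
              for v in msg.get_all(h, []) if v.strip()]
    recipients = [addr for _, addr in getaddresses(fields) if addr]
    if remove_arguments:
        # Default: argument addresses are removed from the header list.
        recipients = [r for r in recipients if r not in set(arg_addresses)]
    else:
        # Sendmail-compatible variant: argument addresses are added.
        recipients += [a for a in arg_addresses if a not in recipients]
    # Bcc: is removed from the message unless there is no To: or Cc:
    # header, in which case an empty Bcc: header is created.
    del msg["Bcc"]
    if "To" not in msg and "Cc" not in msg:
        msg["Bcc"] = ""
    return recipients, msg.as_string()


def bcc_leaks(outgoing_text):
    """Defensive check: True if the text still carries any Bcc address."""
    msg = message_from_string(outgoing_text)
    return any(v.strip() for v in msg.get_all("Bcc", []))
```

Feeding the text that actually leaves the MUA (captured with a sendmail wrapper or a listening socket) into bcc_leaks is a quick way to tell whether the stripping happened at all.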
