On Wed, Oct 03, 2001 at 12:55:08PM -0600, Nate Williams wrote:
> > Tell me, is your mail compliant with the non-disclosure of "Bcc:"
> > recipients requirement?  If fetchmail doesn't strip the tunneling
> > headers (it doesn't), then the headers disclose "Bcc:"'ed
> > recipients to anyone who chooses to look.
> It sure is, because it's the responsibility of the mail sending program
> to handle this.  Fetchmail is a mail retrieval program, so it's only job
> is to fetch the mail that is already delivered to me.

You have missed the point:
It's the responsibility of of the sending program not to put bcc
informations into the data part of the mail.
Since POP3 only stores the data part you won't see it unless
the mailserver puts envelope informations into the data part.
Now that it's the job of the POP3 client to remove these and
reuse it as envelope informations.

The typical Problems are:
 - Cheap implementations try to guess envelope informations from the
   To: and CC: Header.
 - Better implementations require envelope informations put into the
   header part by the MTA on the POP3 Server.
 - Realy working implementations also need to remove the helper headers.
   Otherwise a recpient would get the header encoded envelope.

B.Walter              COSMO-Project         http://www.cosmo-project.de
[EMAIL PROTECTED]         Usergroup           [EMAIL PROTECTED]

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Reply via email to