[opensuse] Is there a leak?
Hi, I watched a video on YouTube the other night. When I was through watching it I emailed the url to a friend of mine via my isp's email. The email isn't connected to Yahoo or Google in any way. The next day I received emails from Yahoo with the urls of the video that I watched, plus others in the series. I also found out that I was signed up for a yahoo group that pertained to the video, all without my knowledge. Is there some kind of security leak in Opensuse 12.1 or Thunderbird that would allow this to happen? Maybe everyone else on the list knows why this is, but I am very surprised by it and don't understand why it happened. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Saturday 31 December 2011 18:29:48 Mark Misulich wrote:
Hi, I watched a video on YouTube the other night. When I was through watching it I emailed the url to a friend of mine via my isp's email. The email isn't connected to Yahoo or Google in any way.
The next day I received emails from Yahoo with the urls of the video that I watched, plus others in the series. I also found out that I was signed up for a yahoo group that pertained to the video, all without my knowledge.
Is there some kind of security leak in Opensuse 12.1 or Thunderbird that would allow this to happen? Maybe everyone else on the list knows why this is, but I am very surprised by it and don't understand why it happened. Well lets put it like this
while you have Thunderbird running run a term of some for and run tcpdump just watch where things get reported to . I have stopped taking the sused version of a lot of stuff and have just switched the laptop to Slackware 13.37 this box is next in line for slackware next week Pete . -- Powered by openSUSE 11.3 (x86_64) Kernel: 2.6.34.10-0.4-desktop not for long now KDE Development Platform: 4.6.5 (4.6.5) "release 7" 20:01 up 1 day 0:14, 4 users, load average: 0.24, 0.29, 0.17 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 12/31/2011 12:05 PM, Peter Nikolic wrote:
On Saturday 31 December 2011 18:29:48 Mark Misulich wrote:
Hi, I watched a video on YouTube the other night. When I was through watching it I emailed the url to a friend of mine via my isp's email. The email isn't connected to Yahoo or Google in any way.
The next day I received emails from Yahoo with the urls of the video that I watched, plus others in the series. I also found out that I was signed up for a yahoo group that pertained to the video, all without my knowledge.
Is there some kind of security leak in Opensuse 12.1 or Thunderbird that would allow this to happen? Maybe everyone else on the list knows why this is, but I am very surprised by it and don't understand why it happened. Well lets put it like this
while you have Thunderbird running run a term of some for and run tcpdump just watch where things get reported to .
I have stopped taking the sused version of a lot of stuff and have just switched the laptop to Slackware 13.37 this box is next in line for slackware next week
Pete .
It had nothing to do with Suse, and everything to do with Thunderbird and the browser you used to access the movies. Its not fair to lay that baby at Opensuse's door step. -- _____________________________________ ---This space for rent--- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
I'm going to top-post for once, because I want mark to see my words before I flame Pete. Mark, the simplest and most plausible explanation is that your friend shared your email address somehow or somewhere. This is the sad but true nature of email right now, there's simply no escape from spam. You can only (reasonably successfully) filter the crap into the bit bucket. I'm a bad person for this post, but I accept that because I'd rather be a bad person than not respond to this fool at least once this year. In the new year I'll be in agreement with the rest of the list and Pete's verbal diahoreah will go to /dev/null There's a wonderful online expression that really sums up the mixture of ignorance and blind stupidity that Pete shows every time he infects this list with his pearly words of wisdom. It's called the "facepalm". The "facepalm" is a textual[1] or pictorial[2] representation of a physical act. The physical act is to place ones upper face or forehead into the open hand, usually with a slightly bowed posture of the neck and head. It's common to have the elbow resting on the desk or table while performing the facepalm. The facepalm is truly a brilliant expression. It signifies exasperation, incredulity, confusion and even resignation; and often many or all of these at the same time. I'm sure most of you get the gist of what I'm trying to say, so I'll call a halt to my rant; but not before saying goodbye to Pete. Pete, I sincerely wish you a very happy new year. You're quite the character and I will miss the amusement your posts have caused over the years. On the other hand I wont have to clean my monitor quite so much because there will be less coffee spluttered all over it wihout your posts. Cheers the noo, Graham [1] http://www.asciifacepalm.com/ [2] http://picardfacepalm.com/ On Saturday 31 Dec 2011 20:05:01 Peter Nikolic wrote:
On Saturday 31 December 2011 18:29:48 Mark Misulich wrote:
Hi, I watched a video on YouTube the other night. When I was through watching it I emailed the url to a friend of mine via my isp's email. The email isn't connected to Yahoo or Google in any way.
The next day I received emails from Yahoo with the urls of the video that I watched, plus others in the series. I also found out that I was signed up for a yahoo group that pertained to the video, all without my knowledge.
Is there some kind of security leak in Opensuse 12.1 or Thunderbird that would allow this to happen? Maybe everyone else on the list knows why this is, but I am very surprised by it and don't understand why it happened.
Well lets put it like this
while you have Thunderbird running run a term of some for and run tcpdump just watch where things get reported to .
I have stopped taking the sused version of a lot of stuff and have just switched the laptop to Slackware 13.37 this box is next in line for slackware next week
Pete . -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Saturday 31 December 2011 21:02:30 Graham Anderson wrote:
I'm going to top-post for once, because I want mark to see my words before I flame Pete.
Well i will NOT top post because i am not a tosser Mark you are free to listen to whom you please i stae what i see as simple as .. These silly little boys that think they are being clever by having a go at me are just that silly spoilt little children . You want to fix the problem use non sused stuff when it comes to both Thunderbird and Firefox i have had enough of this Psudo distro one machine is already moved to Slackware new hdd for this one next week and it changes as well so the saddo's on this list can all go and fornicate in the corner till their eyes pop out of their heads To those Suse users that have assisted me in the past thanks to the rest go forth and come fifth Pete . -- Powered by openSUSE 11.3 (x86_64) Kernel: 2.6.34.10-0.4-desktop KDE Development Platform: 4.6.5 (4.6.5) "release 7" 00:52 up 1 day 5:05, 4 users, load average: 0.17, 0.18, 0.16 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 12/31/2011 7:58 PM, Peter Nikolic wrote:
On Saturday 31 December 2011 21:02:30 Graham Anderson wrote:
I'm going to top-post for once, because I want mark to see my words before I flame Pete.
Well i will NOT top post because i am not a tosser
Mark you are free to listen to whom you please i stae what i see as simple as ..
These silly little boys that think they are being clever by having a go at me are just that silly spoilt little children .
You want to fix the problem use non sused stuff when it comes to both Thunderbird and Firefox
i have had enough of this Psudo distro one machine is already moved to Slackware new hdd for this one next week and it changes as well so the saddo's on this list can all go and fornicate in the corner till their eyes pop out of their heads
To those Suse users that have assisted me in the past thanks to the rest go forth and come fifth
Pete .
Then stfu and go. If you don't like Suse, no one is forcing you to use it. If you're going to go, stop trolling and disappear. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Saturday, December 31, 2011 15:02 Graham Anderson wrote:
I'm going to top-post for once
And be a complete ass anyway for doing so. You and Dunsavage (and a few others...just about all that's left on this list actually) don't ever get the right again to tell anyone what to or not to say on this list, since you both decided it's okay to 'talk trash' but no one else can. You're the epitome of hypocrisy and whining little spoilt, pompous asses. You asshats can't stand anyone but yourselves giving 'advice' it seems and if it comes from someone you just don't care for you turn into the savages you accuse people like me or Pete of being when called out on your crap. Here's one for the both of you, FOAD, preferably as soon as possible so no more of my air is wasted by your breathing. -- Properly read, the Bible is the most potent force for atheism ever conceived. -Isaac Asimov -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 1/1/2012 8:31 PM, Insomniac wrote:
And be a complete ass anyway for doing so. You and Dunsavage (and a few others...just about all that's left on this list actually) don't ever get the right again to tell anyone what to or not to say on this list, since you both decided it's okay to 'talk trash' but no one else can. That's the second time now you have signaled me out specifically. You do realize that the exact thing you accusing me of you are doing right now, right? I don't tell ANYONE how to behave on this list. I have tried to explain to people to use Google and do research before coming and asking to be spoon fed. I didn't even comment in this thread AT ALL. Really, it's time to let whatever transgression you feel I committed go.
You're the epitome of hypocrisy and whining little spoilt, pompous asses. Definition of irony right there. You asshats can't stand anyone but yourselves giving 'advice' it seems and if it comes from someone you just don't care for you turn into the savages you accuse people like me or Pete of being when called out on your crap.
Here's one for the both of you, FOAD, preferably as soon as possible so no more of my air is wasted by your breathing.
Right. No trash talk right there at all. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Monday 02 January 2012 01:31:39 Insomniac wrote:
On Saturday, December 31, 2011 15:02 Graham Anderson wrote:
I'm going to top-post for once
And be a complete ass anyway for doing so. You and Dunsavage (and a few others...just about all that's left on this list actually) don't ever get the right again to tell anyone what to or not to say on this list, since you both decided it's okay to 'talk trash' but no one else can. You're the epitome of hypocrisy and whining little spoilt, pompous asses. You asshats can't stand anyone but yourselves giving 'advice' it seems and if it comes from someone you just don't care for you turn into the savages you accuse people like me or Pete of being when called out on your crap.
Here's one for the both of you, FOAD, preferably as soon as possible so no more of my air is wasted by your breathing.
Ohhhhh hark at her got ones panties in a right old tizz . Look sonny STFU get it and BTW it is you that needs to FOAD BMSMA -- Powered by Slackware 13.37 08:19 up 2 days 12:32, 4 users, load average: 0.09, 0.06, 0.01 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Mon, Jan 2, 2012 at 09:22, Peter Nikolic <p.nikolic1@btinternet.com> wrote:
On Monday 02 January 2012 01:31:39 Insomniac wrote:
On Saturday, December 31, 2011 15:02 Graham Anderson wrote:
I'm going to top-post for once
And be a complete ass anyway for doing so. You and Dunsavage (and a few others...just about all that's left on this list actually) don't ever get the right again to tell anyone what to or not to say on this list, since you both decided it's okay to 'talk trash' but no one else can. You're the epitome of hypocrisy and whining little spoilt, pompous asses. You asshats can't stand anyone but yourselves giving 'advice' it seems and if it comes from someone you just don't care for you turn into the savages you accuse people like me or Pete of being when called out on your crap.
Here's one for the both of you, FOAD, preferably as soon as possible so no more of my air is wasted by your breathing.
Ohhhhh hark at her got ones panties in a right old tizz . Look sonny STFU get it and BTW it is you that needs to FOAD BMSMA
Nice to see you're getting 2012 off to a good start. Please grow up and stop acting like a petty school child. You are an adult, and acting like you are here does nothing but make you look like a complete fool. C. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
So, I´m top posting too, wanna rant me also? ;-) [[ real mail below ]] On 02.01.2012 02:31, Insomniac wrote:
On Saturday, December 31, 2011 15:02 Graham Anderson wrote:
I'm going to top-post for once And be a complete ass anyway for doing so. You and Dunsavage (and a few others...just about all that's left on this list actually) don't ever get the right again to tell anyone what to or not to say on this list, since you both decided it's okay to 'talk trash' but no one else can. You're the epitome of hypocrisy and whining little spoilt, pompous asses. You asshats can't stand anyone but yourselves giving 'advice' it seems and if it comes from someone you just don't care for you turn into the savages you accuse people like me or Pete of being when called out on your crap.
Hey, you should think about who´s top-posting but feels guilty about it (if not, he wouldn´t have written that he´ll top-posting since *real* top-posters don't care, and who´s ranting about such a random topic.
Here's one for the both of you, FOAD, preferably as soon as possible so no more of my air is wasted by your breathing.
cool down, he haven#t done a nuclear strike nor raped someone, if I read your mail I could think he´s the heaviest criminal ever seen. hope you all cooled down, --kdl -- kind regards, -o) German Wiki Team Kim Leyendecker /\\ Documentation& marketing www.opensuse.org _\_v leyendecker@opensuse.org ===================================================== my GPG Key: 664265369547B825 | IRC: k-d-l Twitter: kim_d_ley | Wiki-Username: openLHAG openSUSE - Linux for open minds - get it free today! -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Kim Leyendecker wrote:
So, I´m top posting too, wanna rant me also? ;-) [[ real mail below ]]
On 02.01.2012 02:31, Insomniac wrote:
On Saturday, December 31, 2011 15:02 Graham Anderson wrote:
I'm going to top-post for once And be a complete ass anyway for doing so. You and Dunsavage (and a few others...just about all that's left on this list actually) don't ever get the right again to tell anyone what to or not to say on this list, since you both decided it's okay to 'talk trash' but no one else can. You're the epitome of hypocrisy and whining little spoilt, pompous asses. You asshats can't stand anyone but yourselves giving 'advice' it seems and if it comes from someone you just don't care for you turn into the savages you accuse people like me or Pete of being when called out on your crap.
Hey, you should think about who´s top-posting but feels guilty about it (if not, he wouldn´t have written that he´ll top-posting since *real* top-posters don't care, and who´s ranting about such a random topic.
Here's one for the both of you, FOAD, preferably as soon as possible so no more of my air is wasted by your breathing.
cool down, he haven#t done a nuclear strike nor raped someone, if I read your mail I could think he´s the heaviest criminal ever seen.
hope you all cooled down,
--kdl
Over on my side of the planet, we have an expression: "Somewhere on the planet, it is Happy Hour" Over here, "happy hour" is about 5:00 PM, when drinks are half-price at the local bar. Can I suggest that you all take advantage of Happy Hour? -- Tony Alfrey tonyalfrey@earthlink.net "I'd Rather Be Sailing" -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 12/31/2011 02:05 PM, Peter Nikolic wrote: <snop>
while you have Thunderbird running run a term of some for and run tcpdump just watch where things get reported to .
<snip> Looking at chromium, it definitely 'phones home' on startup. Example: start tcpdump to look at web traffic in an xterm: tcpdump 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' Interestingly, the follow packet appears: 13:36:53.690164 IP providence.rlfpllc.com.49830 > dfw06s16-in-f3.1e100.net.http: Flags [P.], seq 4290757038:4290757765, ack 2979107591, win 913, options [nop,nop,TS val 391374 ecr 1135864716], length 727 13:36:53.708067 IP dfw06s16-in-f3.1e100.net.http > providence.rlfpllc.com.49830: Flags [P.], seq 1:376, ack 727, win 112, options [nop,nop,TS val 1135864737 ecr 391374], length 375 Who the heck is that? Well... 13:38 providence:~> ping dfw06s16-in-f3.1e100.net PING dfw06s16-in-f3.1e100.net (74.125.227.99) 56(84) bytes of data. 64 bytes from dfw06s16-in-f3.1e100.net (74.125.227.99): icmp_req=1 ttl=54 time=33.3 ms 64 bytes from dfw06s16-in-f3.1e100.net (74.125.227.99): icmp_req=2 ttl=54 time=13.2 ms 64 bytes from dfw06s16-in-f3.1e100.net (74.125.227.99): icmp_req=3 ttl=54 time=14.5 ms ^C 13:38 providence:~> whois 74.125.227.99 # # The following results may also be obtained via: # http://whois.arin.net/rest/nets;q=74.125.227.99?showDetails=true&showARIN=fa... # NetRange: 74.125.0.0 - 74.125.255.255 CIDR: 74.125.0.0/16 OriginAS: NetName: GOOGLE NetHandle: NET-74-125-0-0-1 Parent: NET-74-0-0-0-0 NetType: Direct Allocation RegDate: 2007-03-13 Updated: 2007-05-22 Ref: http://whois.arin.net/rest/net/NET-74-125-0-0-1 OrgName: Google Inc. OrgId: GOGL Address: 1600 Amphitheatre Parkway City: Mountain View StateProv: CA PostalCode: 94043 Country: US RegDate: 2000-03-30 Updated: 2011-09-24 Ref: http://whois.arin.net/rest/org/GOGL OrgAbuseHandle: ZG39-ARIN OrgAbuseName: Google Inc OrgAbusePhone: +1-650-253-0000 OrgAbuseEmail: arin-contact@google.com OrgAbuseRef: http://whois.arin.net/rest/poc/ZG39-ARIN OrgTechHandle: ZG39-ARIN OrgTechName: Google Inc OrgTechPhone: +1-650-253-0000 OrgTechEmail: arin-contact@google.com OrgTechRef: http://whois.arin.net/rest/poc/ZG39-ARIN Yep, ET is phoning home to Google... Then hundreds more packets: 13:40:13.464372 IP oa-in-f139.1e100.net.http > providence.rlfpllc.com.37185: Flags [P.], seq 939500:939902, ack 8771, win 450, options [nop,nop,TS val 1032746965 ecr 451285], length 402 Well who the hell is oa-in-f139.1e100.net? So... 13:38 providence:~> ping oa-in-f139.1e100.net PING oa-in-f139.1e100.net (173.194.64.139) 56(84) bytes of data. 64 bytes from oa-in-f139.1e100.net (173.194.64.139): icmp_req=1 ttl=46 time=22.7 ms 64 bytes from oa-in-f139.1e100.net (173.194.64.139): icmp_req=2 ttl=46 time=22.2 ms ^C --- oa-in-f139.1e100.net ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1001ms rtt min/avg/max/mdev = 22.247/22.512/22.778/0.304 ms 13:43 providence:~> whois 173.194.64.139 # # The following results may also be obtained via: # http://whois.arin.net/rest/nets;q=173.194.64.139?showDetails=true&showARIN=f... # NetRange: 173.194.0.0 - 173.194.255.255 CIDR: 173.194.0.0/16 OriginAS: AS15169 NetName: GOOGLE NetHandle: NET-173-194-0-0-1 Parent: NET-173-0-0-0-0 NetType: Direct Allocation RegDate: 2009-08-17 Updated: 2010-08-23 Ref: http://whois.arin.net/rest/net/NET-173-194-0-0-1 OrgName: Google Inc. OrgId: GOGL Address: 1600 Amphitheatre Parkway City: Mountain View StateProv: CA PostalCode: 94043 Country: US RegDate: 2000-03-30 Updated: 2011-09-24 Ref: http://whois.arin.net/rest/org/GOGL OrgTechHandle: ZG39-ARIN OrgTechName: Google Inc OrgTechPhone: +1-650-253-0000 OrgTechEmail: arin-contact@google.com OrgTechRef: http://whois.arin.net/rest/poc/ZG39-ARIN OrgAbuseHandle: ZG39-ARIN OrgAbuseName: Google Inc OrgAbusePhone: +1-650-253-0000 OrgAbuseEmail: arin-contact@google.com OrgAbuseRef: http://whois.arin.net/rest/poc/ZG39-ARIN You get the idea... This is all with the browser just sitting idle. It keeps going too. Every few minutes, there is another flurry of information sent back to google. And, I disabled everything in the settings that would do this (or so I thought). -- David C. Rankin, J.D.,P.E. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 01/05/2012 01:46 PM, David C. Rankin wrote:
You get the idea... This is all with the browser just sitting idle. It keeps going too. Every few minutes, there is another flurry of information sent back to google. And, I disabled everything in the settings that would do this (or so I thought).
So far with tbird on 11.4, all I'm seeing is tcp traffic with OCSP.SFO1.VERISIGN.COM. I don't mind that. -- David C. Rankin, J.D.,P.E. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Thu, Jan 05, 2012 at 01:55:52PM -0600, David C. Rankin wrote:
On 01/05/2012 01:46 PM, David C. Rankin wrote:
You get the idea... This is all with the browser just sitting idle. It keeps going too. Every few minutes, there is another flurry of information sent back to google. And, I disabled everything in the settings that would do this (or so I thought).
So far with tbird on 11.4, all I'm seeing is tcp traffic with OCSP.SFO1.VERISIGN.COM. I don't mind that.
Before we start to fud about what Google does we should have a look into the tcp content. And always keep in mind: Nobody forces users to use software mainly driven by developers from Google. As nobody forces users to use software Microsoft. ;) Lars -- Lars Müller [ˈlaː(r)z ˈmʏlɐ] Samba Team SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany
Le 31/12/2011 19:29, Mark Misulich a écrit :
Hi, I watched a video on YouTube the other night. When I was through watching it I emailed the url to a friend of mine via my isp's email. The email isn't connected to Yahoo or Google in any way.
The next day I received emails from Yahoo with the urls of the video that I watched, plus others in the series. I also found out that I was signed up for a yahoo group that pertained to the video, all without my knowledge.
Is there some kind of security leak in Opensuse 12.1 or Thunderbird that would allow this to happen? Maybe everyone else on the list knows why this is, but I am very surprised by it and don't understand why it happened.
how did you send the video coordinates? did you clic on "share" and copy paste the result in a mail or did you use the "mail link to" entry in Firefox? I wonder if the latter can be watched by youtube? jdd -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 12/31/2011 12:16 PM, jdd wrote:
Le 31/12/2011 19:29, Mark Misulich a �crit :
Hi, I watched a video on YouTube the other night. When I was through watching it I emailed the url to a friend of mine via my isp's email. The email isn't connected to Yahoo or Google in any way.
The next day I received emails from Yahoo with the urls of the video that I watched, plus others in the series. I also found out that I was signed up for a yahoo group that pertained to the video, all without my knowledge.
Is there some kind of security leak in Opensuse 12.1 or Thunderbird that would allow this to happen? Maybe everyone else on the list knows why this is, but I am very surprised by it and don't understand why it happened.
how did you send the video coordinates? did you clic on "share" and copy paste the result in a mail or did you use the "mail link to" entry in Firefox? I wonder if the latter can be watched by youtube?
jdd
Exactly. Never use the share link on youtube. Always copy and paste the URL into your normal email package. However, the OP also claims to have been subscribed to Yahoo, which seems highly suspect, since Yahoo is not associated with youtube. Still, its not likely anything in Opensuse, and Tbird has never signed me up for anything either. That leaves his correspondent or his ISP, or the more likely possibility that he used the Share link on youtube. -- _____________________________________ ---This space for rent--- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sat, 2011-12-31 at 21:16 +0100, jdd wrote:
Le 31/12/2011 19:29, Mark Misulich a écrit :
Hi, I watched a video on YouTube the other night. When I was through watching it I emailed the url to a friend of mine via my isp's email. The email isn't connected to Yahoo or Google in any way.
The next day I received emails from Yahoo with the urls of the video that I watched, plus others in the series. I also found out that I was signed up for a yahoo group that pertained to the video, all without my knowledge.
Is there some kind of security leak in Opensuse 12.1 or Thunderbird that would allow this to happen? Maybe everyone else on the list knows why this is, but I am very surprised by it and don't understand why it happened.
how did you send the video coordinates? did you clic on "share" and copy paste the result in a mail or did you use the "mail link to" entry in Firefox? I wonder if the latter can be watched by youtube?
jdd
Hi, I clicked on the url address in the browser url window and highlighted it. Then I right clicked it and copied the url address. I then pasted the url address in the email and sent out the email. Again, the email was on my isp's email servers and had no connection to youtube, yahoo, or google. I didn't use any of the share functions on youtube, in fact I wasn't aware of it. It is straight forward for me to just highlight and copy the url address from the browser window, so I did that. I didn't even know that there is a share function on youtube. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 01/01/12 13:46, Mark Misulich wrote:
On Sat, 2011-12-31 at 21:16 +0100, jdd wrote:
Le 31/12/2011 19:29, Mark Misulich a écrit :
Hi, I watched a video on YouTube the other night. When I was through watching it I emailed the url to a friend of mine via my isp's email. The email isn't connected to Yahoo or Google in any way.
The next day I received emails from Yahoo with the urls of the video that I watched, plus others in the series. I also found out that I was signed up for a yahoo group that pertained to the video, all without my knowledge.
Is there some kind of security leak in Opensuse 12.1 or Thunderbird that would allow this to happen? Maybe everyone else on the list knows why this is, but I am very surprised by it and don't understand why it happened.
how did you send the video coordinates? did you clic on "share" and copy paste the result in a mail or did you use the "mail link to" entry in Firefox? I wonder if the latter can be watched by youtube?
jdd
Hi, I clicked on the url address in the browser url window and highlighted it. Then I right clicked it and copied the url address. I then pasted the url address in the email and sent out the email. Again, the email was on my isp's email servers and had no connection to youtube, yahoo, or google.
Some things about your posts here re this "problem". You are using Evolution and not Thunderbird to post your messages here in this thread - so where does Thunderbird come into it? Secondly, you do not mention which browser you were/are using. If you are going to ask questions it is best to mention what applications you are using. Thirdly, how are/did you send/ing your e-mail "via [your] isp's email? You mention Thunderbird, and you are using Evolution, which makes people conclude that it is a mailer which causing some perceived problem. However, what you don't say is that you have your mailer configured to send mail thru your ISP using a POP or IMAP or whether you sent that e-mail with the URL on-line, using the browser and logging in into your account and then posting your message. Which is the way you did it? I have been using Thunderbird since the year dot and I have never had the behaviour you mention. But what does come to mind is that you used your browser to do the post and your browser (whichever one it is) does not have security installed - but here I am only surmising. BC -- So, if a man cannot spot a problem in the making he cannot really be a wise leader. But very few men have this gift. Niccolo Machiavelli -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Hi, I clicked on the url address in the browser url window and highlighted it. Then I right clicked it and copied the url address. I then pasted the url address in the email and sent out the email. Again, the email was on my isp's email servers and had no connection to youtube, yahoo, or google.
Some things about your posts here re this "problem".
You are using Evolution and not Thunderbird to post your messages here in this thread - so where does Thunderbird come into it?
I use Thunderbird to send email through my isp's servers for my personal email. Sending email is set up through the smtp.xxx.com server of my isp. It is a different email address than I use to send and receive email from the opensuse list. I use evolution to send and receive email through gmail to the opensuse list and a couple of other technical mailing lists. It just makes it easier for me to keep the two types of emails seperate, no other reason. Its just a personal preference. I travel a lot for work, and it has been easier in the past for me to send emails through gmail than my isp's servers when I am somewhere around the world.
Secondly, you do not mention which browser you were/are using. If you are going to ask questions it is best to mention what applications you are using.
I was using Firefox to view the video. I didn't use it to send email. I used thunderbird to send the email.
Thirdly, how are/did you send/ing your e-mail "via [your] isp's email? You mention Thunderbird, and you are using Evolution, which makes people conclude that it is a mailer which causing some perceived problem. However, what you don't say is that you have your mailer configured to send mail thru your ISP using a POP or IMAP or whether you sent that e-mail with the URL on-line, using the browser and logging in into your account and then posting your message. Which is the way you did it?
I send email using smtp. Pop is how I receive emails. I sent the email in question via thunderbird. I did not send it via a browser, which in this case would have been firefox 9.0.1 opensuse linux version. I don't know if there is a security leak in opensuse 12.1 or thunderbird, it was simply a way to broach the question of how this happened to the knowledgeable members of the mail list. I don't wish the title of the thread should lead you down the wrong trail of thinking. If I was younger, maybe I could have titled the thread "Whoa Dude, how did this happen?"
I have been using Thunderbird since the year dot and I have never had the behaviour you mention.
I have also used thunderbird for a long time without problem. I don't know if thunderbird is at fault, and I don't think I layed the blame at thunderbird's door. I just explained how I sent the email, and what resulted afterwards.
But what does come to mind is that you used your browser to do the post and your browser (whichever one it is) does not have security installed - but here I am only surmising.
Nope, didn't use the browser to send the email so that wouldn't have been at fault.
BC
-- So, if a man cannot spot a problem in the making he cannot really be a wise leader. But very few men have this gift. Niccolo Machiavelli
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 01/01/12 15:08, Mark Misulich wrote:
Hi, I clicked on the url address in the browser url window and highlighted it. Then I right clicked it and copied the url address. I then pasted the url address in the email and sent out the email. Again, the email was on my isp's email servers and had no connection to youtube, yahoo, or google. Some things about your posts here re this "problem".
You are using Evolution and not Thunderbird to post your messages here in this thread - so where does Thunderbird come into it? I use Thunderbird to send email through my isp's servers for my personal email. Sending email is set up through the smtp.xxx.com server of my isp. It is a different email address than I use to send and receive email from the opensuse list.
OK, sounds a reasonable way to send various types of e-mails. [pruned]
Nope, didn't use the browser to send the email so that wouldn't have been at fault
Thunderbird was ugraded to v9.0 only recently (and Firefox was upgraded at the same time). I found that a couple of settings were altered for some reason when v9.0 was installed. I wonder if something has been altered without you knowing it? Have you checked all your settings? For example, you replied to me using Evolution and your reply went to both this, suse, list as well as to my 'private' address. Is TB doing the same thing (ie, sending a CC for example)? One occurrence is not "proof of the pudding". How about you sending me the same URL in the same manner as you did before just to see if the same recurs? (Don't worry about me using your other, private, address: I would never use it or disclose it [I'm used to handling secret/confidential documents].) BC -- So, if a man cannot spot a problem in the making he cannot really be a wise leader. But very few men have this gift. Niccolo Machiavelli -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 1/1/2012 12:11 AM, Basil Chupin wrote:
One occurrence is not "proof of the pudding". How about you sending me the same URL in the same manner as you did before just to see if the same recurs? (Don't worry about me using your other, private, address: I would never use it or disclose it [I'm used to handling secret/confidential documents].) Since Thunderbird has been my favorite since the beginning, I am interested in this thread (except for the urinary olympiad). How would Mark's sending you in the same manner help? If the compromise has been on his side (TB, ISP etc.) then shouldn't we expect Mark to not see anything new? Would it not make more sense to have a new person do it with a tcp monitor on at the time? I might be willing to try this at home, although I am totally unfamiliar with tcpdump.
Considering how some people (including ones I have known) love to forward, I might be more inclined to be suspicious of the person to whom Mark sent his e-mail or to any one of the number of persons to whom he might have forwarded. Damon Register -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Tue, Jan 3, 2012 at 2:14 PM, Damon Register <damon.w.register@lmco.com> wrote:
On 1/1/2012 12:11 AM, Basil Chupin wrote:
One occurrence is not "proof of the pudding". How about you sending me the same URL in the same manner as you did before just to see if the same recurs? (Don't worry about me using your other, private, address: I would never use it or disclose it [I'm used to handling secret/confidential documents].)
Since Thunderbird has been my favorite since the beginning, I am interested in this thread (except for the urinary olympiad). How would Mark's sending you in the same manner help? If the compromise has been on his side (TB, ISP etc.) then shouldn't we expect Mark to not see anything new? Would it not make more sense to have a new person do it with a tcp monitor on at the time? I might be willing to try this at home, although I am totally unfamiliar with tcpdump.
Considering how some people (including ones I have known) love to forward, I might be more inclined to be suspicious of the person to whom Mark sent his e-mail or to any one of the number of persons to whom he might have forwarded.
Damon Register
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Hi, this is on hold for a week or so. I left home on a business trip and won't be able to get back to the desktop computer with 12.1 and the urls till I get home. Mark -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 04/01/12 01:14, Damon Register wrote:
On 1/1/2012 12:11 AM, Basil Chupin wrote:
One occurrence is not "proof of the pudding". How about you sending me the same URL in the same manner as you did before just to see if the same recurs? (Don't worry about me using your other, private, address: I would never use it or disclose it [I'm used to handling secret/confidential documents].) Since Thunderbird has been my favorite since the beginning, I am interested in this thread (except for the urinary olympiad). How would Mark's sending you in the same manner help? If the compromise has been on his side (TB, ISP etc.) then shouldn't we expect Mark to not see anything new? Would it not make more sense to have a new person do it with a tcp monitor on at the time? I might be willing to try this at home, although I am totally unfamiliar with tcpdump.
Considering how some people (including ones I have known) love to forward, I might be more inclined to be suspicious of the person to whom Mark sent his e-mail or to any one of the number of persons to whom he might have forwarded.
Perhaps my logic is wrong in this case but I always like to tackle a problem by eliminating variables and try and arrive at a level playing field. Reason why I suggested that Mark try this is that *I* am using the same Thunderbird as him whereas the person to whom he initially sent the URL is using something which I/we don't know about nor know how he has his whatever configured. But I know how my system and TB are configured. What happened may have just a single incidence which may not be reproducible. If it happens again then we can go about trying to find the "source". BC -- What religion were Adam and Eve? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sun, 2012-01-01 at 14:32 +1100, Basil Chupin wrote:
On 01/01/12 13:46, Mark Misulich wrote:
On Sat, 2011-12-31 at 21:16 +0100, jdd wrote:
Le 31/12/2011 19:29, Mark Misulich a écrit :
Hi, I watched a video on YouTube the other night. When I was through watching it I emailed the url to a friend of mine via my isp's email. The email isn't connected to Yahoo or Google in any way.
The next day I received emails from Yahoo with the urls of the video that I watched, plus others in the series. I also found out that I was signed up for a yahoo group that pertained to the video, all without my knowledge.
Is there some kind of security leak in Opensuse 12.1 or Thunderbird that would allow this to happen? Maybe everyone else on the list knows why this is, but I am very surprised by it and don't understand why it happened.
how did you send the video coordinates? did you clic on "share" and copy paste the result in a mail or did you use the "mail link to" entry in Firefox? I wonder if the latter can be watched by youtube?
jdd
Hi, I clicked on the url address in the browser url window and highlighted it. Then I right clicked it and copied the url address. I then pasted the url address in the email and sent out the email. Again, the email was on my isp's email servers and had no connection to youtube, yahoo, or google.
Some things about your posts here re this "problem".
You are using Evolution and not Thunderbird to post your messages here in this thread - so where does Thunderbird come into it?
Secondly, you do not mention which browser you were/are using. If you are going to ask questions it is best to mention what applications you are using.
Thirdly, how are/did you send/ing your e-mail "via [your] isp's email? You mention Thunderbird, and you are using Evolution, which makes people conclude that it is a mailer which causing some perceived problem. However, what you don't say is that you have your mailer configured to send mail thru your ISP using a POP or IMAP or whether you sent that e-mail with the URL on-line, using the browser and logging in into your account and then posting your message. Which is the way you did it?
I have been using Thunderbird since the year dot and I have never had the behaviour you mention.
But what does come to mind is that you used your browser to do the post and your browser (whichever one it is) does not have security installed - but here I am only surmising.
BC
-- So, if a man cannot spot a problem in the making he cannot really be a wise leader. But very few men have this gift. Niccolo Machiavelli
Hi, I sent the emails with the urls in question to two of the members of the list for analysis. It turned out that the YouTube account of the videos has been closed, so the question is unresolvable at this point. Here is the input from the two list members who tried to do analysis. I see YaHoo closed the account (so the video are no more available), so I suspect there was something wrong with them! jdd To begin with, both videos are no longer available because the "account associated with them has been closed", or similar words. What that means I don't know but it may mean that there was some hanky-panky behind them and YouTube closed the account following complaints. Dunno..... The other thing is that you sent me the (above) e-mail with the addressee, me, being "Undisclosed-recipients" rather than having me as a direct entry in your address book. Who else may be in this "undisclosed-recipients" entry of yours? If I remember correctly, if one either replies to an e-mail or Copies the address the address goes into the Personal Address Book; how an address gets into the Collected Addresses book I don't know. However, I am certain that one needs to deliberately create an "Undisclosed-recipients" entry into which you then manually enter the addresses - I used to use this to send agendas and minutes of meetings to members of a committee I belonged to. So, at this point nothing conclusive - with the exception of this "undisclosed-recipients" matter . BTW, I am not sure if mention was made of which browser you were using to view those videos but if you are using Firefox have you considered installing these (security) extensions: Adblock, BetterPrivacy, Ghostery, NoScript? Basil Sorry nothing more to report, but I took Basil's suggestion to add the four security extensions to the browser, which was in fact Firefox. Mark -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Tue, 2012-01-10 at 12:35 -0500, Mark Misulich wrote:
On Sun, 2012-01-01 at 14:32 +1100, Basil Chupin wrote:
On 01/01/12 13:46, Mark Misulich wrote:
On Sat, 2011-12-31 at 21:16 +0100, jdd wrote:
Le 31/12/2011 19:29, Mark Misulich a écrit :
Hi, I watched a video on YouTube the other night. When I was through watching it I emailed the url to a friend of mine via my isp's email. The email isn't connected to Yahoo or Google in any way.
The next day I received emails from Yahoo with the urls of the video that I watched, plus others in the series. I also found out that I was signed up for a yahoo group that pertained to the video, all without my knowledge.
Is there some kind of security leak in Opensuse 12.1 or Thunderbird that would allow this to happen? Maybe everyone else on the list knows why this is, but I am very surprised by it and don't understand why it happened.
how did you send the video coordinates? did you clic on "share" and copy paste the result in a mail or did you use the "mail link to" entry in Firefox? I wonder if the latter can be watched by youtube?
jdd
Hi, I clicked on the url address in the browser url window and highlighted it. Then I right clicked it and copied the url address. I then pasted the url address in the email and sent out the email. Again, the email was on my isp's email servers and had no connection to youtube, yahoo, or google.
Some things about your posts here re this "problem".
You are using Evolution and not Thunderbird to post your messages here in this thread - so where does Thunderbird come into it?
Secondly, you do not mention which browser you were/are using. If you are going to ask questions it is best to mention what applications you are using.
Thirdly, how are/did you send/ing your e-mail "via [your] isp's email? You mention Thunderbird, and you are using Evolution, which makes people conclude that it is a mailer which causing some perceived problem. However, what you don't say is that you have your mailer configured to send mail thru your ISP using a POP or IMAP or whether you sent that e-mail with the URL on-line, using the browser and logging in into your account and then posting your message. Which is the way you did it?
I have been using Thunderbird since the year dot and I have never had the behaviour you mention.
But what does come to mind is that you used your browser to do the post and your browser (whichever one it is) does not have security installed - but here I am only surmising.
BC
-- So, if a man cannot spot a problem in the making he cannot really be a wise leader. But very few men have this gift. Niccolo Machiavelli
Hi, I sent the emails with the urls in question to two of the members of the list for analysis. It turned out that the YouTube account of the videos has been closed, so the question is unresolvable at this point. Here is the input from the two list members who tried to do analysis.
I see YaHoo closed the account (so the video are no more available), so I suspect there was something wrong with them!
jdd
To begin with, both videos are no longer available because the "account associated with them has been closed", or similar words. What that means I don't know but it may mean that there was some hanky-panky behind them and YouTube closed the account following complaints. Dunno.....
The other thing is that you sent me the (above) e-mail with the addressee, me, being "Undisclosed-recipients" rather than having me as a direct entry in your address book. Who else may be in this "undisclosed-recipients" entry of yours? If I remember correctly, if one either replies to an e-mail or Copies the address the address goes into the Personal Address Book; how an address gets into the Collected Addresses book I don't know. However, I am certain that one needs to deliberately create an "Undisclosed-recipients" entry into which you then manually enter the addresses - I used to use this to send agendas and minutes of meetings to members of a committee I belonged to.
So, at this point nothing conclusive - with the exception of this "undisclosed-recipients" matter .
BTW, I am not sure if mention was made of which browser you were using to view those videos but if you are using Firefox have you considered installing these (security) extensions: Adblock, BetterPrivacy, Ghostery, NoScript?
Basil
Sorry nothing more to report, but I took Basil's suggestion to add the four security extensions to the browser, which was in fact Firefox.
Mark
Sound like somebody found a clever exploit in the YouTube overlay API. I think your security is fine. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 11/01/12 04:35, Mark Misulich wrote: [pruned]
Hi, I sent the emails with the urls in question to two of the members of the list for analysis. It turned out that the YouTube account of the videos has been closed, so the question is unresolvable at this point. Here is the input from the two list members who tried to do analysis.
I see YaHoo closed the account (so the video are no more available), so I suspect there was something wrong with them!
jdd
[pruned] YouTube is owned by Google and not Yahoo :-) . BC -- What religion were Adam and Eve? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
* Mark Misulich <munguanaweza@gmail.com> [01-10-12 12:37]:
On Sun, 2012-01-01 at 14:32 +1100, Basil Chupin wrote:
The other thing is that you sent me the (above) e-mail with the addressee, me, being "Undisclosed-recipients" rather than having me as a direct entry in your address book. Who else may be in this "undisclosed-recipients" entry of yours? If I remember correctly, if one either replies to an e-mail or Copies the address the address goes into the Personal Address Book; how an address gets into the Collected Addresses book I don't know. However, I am certain that one needs to deliberately create an "Undisclosed-recipients" entry into which you then manually enter the addresses - I used to use this to send agendas and minutes of meetings to members of a committee I belonged to.
So, at this point nothing conclusive - with the exception of this "undisclosed-recipients" matter .
"undisclosed-recipients" address is *not* the problem here. It merely indicates that the "To:" header was empty. You can "Cc:" or "Bcc:" w/o having an address entered in "To:" and the message will be delivered, just will have the "undisclosed-recipients" address added to the "To:" header field. -- (paka)Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 http://en.opensuse.org openSUSE Community Member Registered Linux User #207535 @ http://linuxcounter.net -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 11/01/12 12:02, Patrick Shanahan wrote:
* Mark Misulich<munguanaweza@gmail.com> [01-10-12 12:37]:
On Sun, 2012-01-01 at 14:32 +1100, Basil Chupin wrote:
The other thing is that you sent me the (above) e-mail with the addressee, me, being "Undisclosed-recipients" rather than having me as a direct entry in your address book. Who else may be in this "undisclosed-recipients" entry of yours? If I remember correctly, if one either replies to an e-mail or Copies the address the address goes into the Personal Address Book; how an address gets into the Collected Addresses book I don't know. However, I am certain that one needs to deliberately create an "Undisclosed-recipients" entry into which you then manually enter the addresses - I used to use this to send agendas and minutes of meetings to members of a committee I belonged to.
So, at this point nothing conclusive - with the exception of this "undisclosed-recipients" matter . "undisclosed-recipients" address is *not* the problem here.
Well, we don't know this as a certainty, do we? We don't know what Mark has set up in his TB's Address Book(s).
It merely indicates that the "To:" header was empty. You can "Cc:" or "Bcc:" w/o having an address entered in "To:" and the message will be delivered, just will have the "undisclosed-recipients" address added to the "To:" header field.
I tested this out before responding (by sending some test messages to my wife, sitting 3 feet away from me :-) ) and you are correct about the BCC: but not the CC: option: you don't get the "Undisclosed-recipients" with the CC: when the To: field is empty. BC -- It is easy to convince people of something, but hard to keep them convinced. Niccolo Machiavelli -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
[12.01.2012 07:01] [Basil Chupin]:
I tested this out before responding (by sending some test messages to my wife, sitting 3 feet away from me :-) ) and you are correct about the BCC: but not the CC: option: you don't get the "Undisclosed-recipients" with the CC: when the To: field is empty.
A normal mail server will remove the "Bcc:" lines from a mail, but the "Cc:" remain. So, when the "To:" field is empty, and the sender entered addresses in "Bcc:" only, it is a real case of "undisclosed recipients", isn't it? :-) Since normally the "Cc:" recipients are transported to every receiver, the recipients (at least not all) are not undisclosed ;-) BTW, are you really on such bad terms with you wife that you don't speak to each other? :-D Cheers, Werner -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 1/12/2012 12:00 PM, Werner Flamme wrote:
[12.01.2012 07:01] [Basil Chupin]:
I tested this out before responding (by sending some test messages to my wife, sitting 3 feet away from me :-) ) and you are correct about the BCC: but not the CC: option: you don't get the "Undisclosed-recipients" with the CC: when the To: field is empty.
A normal mail server will remove the "Bcc:" lines from a mail, but the "Cc:" remain. So, when the "To:" field is empty, and the sender entered addresses in "Bcc:" only, it is a real case of "undisclosed recipients", isn't it? :-)
Since normally the "Cc:" recipients are transported to every receiver, the recipients (at least not all) are not undisclosed ;-)
Actually it used to be the job of the CLIENT to remove the BCC. If this is now handled by the Server it is certainly not universally handled correctly. -- _____________________________________ ---This space for rent--- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
[12.01.2012 23:12] [John Andersen]:
On 1/12/2012 12:00 PM, Werner Flamme wrote:
[12.01.2012 07:01] [Basil Chupin]:
I tested this out before responding (by sending some test messages to my wife, sitting 3 feet away from me :-) ) and you are correct about the BCC: but not the CC: option: you don't get the "Undisclosed-recipients" with the CC: when the To: field is empty.
A normal mail server will remove the "Bcc:" lines from a mail, but the "Cc:" remain. So, when the "To:" field is empty, and the sender entered addresses in "Bcc:" only, it is a real case of "undisclosed recipients", isn't it? :-)
Since normally the "Cc:" recipients are transported to every receiver, the recipients (at least not all) are not undisclosed ;-)
Actually it used to be the job of the CLIENT to remove the BCC. If this is now handled by the Server it is certainly not universally handled correctly.
Which client? The sending client? So where would the server know the Bcc from? The receiving client? Why should privacy depend on client software behaviour only? You might turn off the Bcc behaviour and see all the recipients then, though the sender may not want this. When reading <http://en.wikipedia.org/wiki/Blind_carbon_copy>, I do not get the impression that is is inteded to have this been solved by the receiving client. However, the text is vague, as are the RFCs. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 1/12/2012 10:32 PM, Werner Flamme wrote:
[12.01.2012 23:12] [John Andersen]:
On 1/12/2012 12:00 PM, Werner Flamme wrote:
[12.01.2012 07:01] [Basil Chupin]:
I tested this out before responding (by sending some test messages to my wife, sitting 3 feet away from me :-) ) and you are correct about the BCC: but not the CC: option: you don't get the "Undisclosed-recipients" with the CC: when the To: field is empty.
A normal mail server will remove the "Bcc:" lines from a mail, but the "Cc:" remain. So, when the "To:" field is empty, and the sender entered addresses in "Bcc:" only, it is a real case of "undisclosed recipients", isn't it? :-)
Since normally the "Cc:" recipients are transported to every receiver, the recipients (at least not all) are not undisclosed ;-)
Actually it used to be the job of the CLIENT to remove the BCC. If this is now handled by the Server it is certainly not universally handled correctly.
Which client? The sending client? So where would the server know the Bcc from? The receiving client? Why should privacy depend on client software behaviour only? You might turn off the Bcc behaviour and see all the recipients then, though the sender may not want this.
Receiving client. I'm not defending this method Werner, just reporting how it use to be in days gone by. Not all servers stripped BCC, and receiving clients were set up to do so, but anyone with a tiny bit of work could fetch the entire BCC list. I speculate there are a few such servers still running somewhere, but most have improved. Even Wikipedia mentions this problem, its been a long standing issue. http://en.wikipedia.org/wiki/Blind_carbon_copy#Visibility says this:
It also states: There are three ways in which the "BCC:" field is used. In the first case, when a message containing a "BCC:" field is prepared to be sent, the "BCC:" line is removed even though all of the recipients (including those specified in the "BCC:" field) are sent a copy of the message. In the second case, recipients specified in the "To:" and "CC:" lines each are sent a copy of the message with the "BCC:" line removed as above, but the recipients on the "BCC:" line get a separate copy of the message containing a "BCC:" line. (When there are multiple recipient addresses in the "BCC:" field, some implementations actually send a separate copy of the message to each recipient with a "BCC:" containing only the address of that particular recipient.) Finally, since a "BCC:" field may contain no addresses, a "BCC:" field can be sent without any addresses indicating to the recipients that blind copies were sent to someone. Which method to use with Bcc: fields is implementation dependent and may depend on both one's mail user agent (e.g. Outlook, Thunderbird) and mail submission agent (usually provided by one's ISP). Since the hiding of the Bcc: addresses from other Bcc: addresses is not required by RFC 2822, one cannot assume the Bcc: addresses will be hidden from other Bcc: addresses.
-- _____________________________________ ---This space for rent--- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
[13.01.2012 07:52] [John Andersen]:
Even Wikipedia mentions this problem, its been a long standing issue. http://en.wikipedia.org/wiki/Blind_carbon_copy#Visibility says this:
[..] Thank you for quoting the link I wrote in my last post. And from citing from that page. I love that :-) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Friday 13 January 2012 07:32:49 Werner Flamme wrote:
When reading <http://en.wikipedia.org/wiki/Blind_carbon_copy>, I do not get the impression that is is inteded to have this been solved by the receiving client. However, the text is vague, as are the RFCs.
There are two recipient fields. One that is in the body of the email, and one that is used when talking to the receiving mail server. The first is typically referred to as "header to:" and the second as the "envelope to:". When you send an email, you connect to the receiving mail server, and send the command RCPT TO: followed by all the addresses on that server that is supposed to have the email. When you put an address in bcc, what this means is that the address is not put into the header, so it is not in the text body of the email. It is in the envelope to: but *only* when sending to that particular address. This means that other recipients of the email don't know it also went to the bcc address. They have no way of knowing about it. The information simply isn't there, so the filtering cannot be up to them. Anders -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
[14.01.2012 12:06] [Anders Johansson]:
On Friday 13 January 2012 07:32:49 Werner Flamme wrote:
When reading <http://en.wikipedia.org/wiki/Blind_carbon_copy>, I do not get the impression that is is inteded to have this been solved by the receiving client. However, the text is vague, as are the RFCs.
There are two recipient fields. One that is in the body of the email, and one that is used when talking to the receiving mail server. The first is typically referred to as "header to:" and the second as the "envelope to:".
You're confusing me by by putting together body and header of the mail as body. But OK, as a difference to the envelope, that's clear.
When you send an email, you connect to the receiving mail server, and send the command RCPT TO: followed by all the addresses on that server that is supposed to have the email.
When you put an address in bcc, what this means is that the address is not put into the header, so it is not in the text body of the email. It is in the envelope to: but *only* when sending to that particular address. This means that other recipients of the email don't know it also went to the bcc address. They have no way of knowing about it. The information simply isn't there, so the filtering cannot be up to them.
As I understand this, the (first) server reads the RCPT TO: line and compares it with the to:, cc:, and bcc: lines in the header, since it must know how to forward the mail. Is this correct? And the server eliminates the bcc: line from the mail, since otherways all recipients ware informed about the bcc:, and this is sure no "blind" carbon copy ;-) But what does the next mailserver do? Example: userd@d.com sends a mail to his local mail server (outgoing mail relay) that is addressed TO: usera@a.com, CC: userb@b.com, and BCC: userc@c.com. This first mail server removes the BCC line, and sends the mail with the remaining TO and CC entries to the MX of c.com - this server may not compare the envelope recipient with TO: and CC: - or what? Do the servers compare with Bcc: only? Aaargh, I'm so confused now :-\ Werner -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Saturday 14 January 2012 12:59:10 Werner Flamme wrote:
[14.01.2012 12:06] [Anders Johansson]:
On Friday 13 January 2012 07:32:49 Werner Flamme wrote:
When reading <http://en.wikipedia.org/wiki/Blind_carbon_copy>, I do not get the impression that is is inteded to have this been solved by the receiving client. However, the text is vague, as are the RFCs.
There are two recipient fields. One that is in the body of the email, and one that is used when talking to the receiving mail server. The first is typically referred to as "header to:" and the second as the "envelope to:".
You're confusing me by by putting together body and header of the mail as body. But OK, as a difference to the envelope, that's clear.
When you send an email, you connect to the receiving mail server, and send the command RCPT TO: followed by all the addresses on that server that is supposed to have the email.
When you put an address in bcc, what this means is that the address is not put into the header, so it is not in the text body of the email. It is in the envelope to: but *only* when sending to that particular address. This means that other recipients of the email don't know it also went to the bcc address. They have no way of knowing about it. The information simply isn't there, so the filtering cannot be up to them.
As I understand this, the (first) server reads the RCPT TO: line and compares it with the to:, cc:, and bcc: lines in the header, since it must know how to forward the mail. Is this correct?
No, the bcc line is not visible to any server at any point. It is only used by the client. It goes through the list of addresses in the bcc field, and sends them one by one to the server in the envelope only. No mail server sees the bcc contents at any time
But what does the next mailserver do? Example: userd@d.com sends a mail to his local mail server (outgoing mail relay) that is addressed TO: usera@a.com, CC: userb@b.com, and BCC: userc@c.com. This first mail server removes the BCC line, and sends the mail with the remaining TO and CC entries to the MX of c.com - this server may not compare the envelope recipient with TO: and CC: - or what? Do the servers compare with Bcc: only?
The mail server is not allowed to use the header fields for routing. Doing so is a major bug (we see it for example with certain older versions of Lotus Domino, they will resend emails based on header information, causing mail loops. This is a violation of the protocol) The server is only supposed to look at the envelope information. The header To: and cc: fields should be plain text only and not used for relay or routing information in the SMTP protocol. Anders -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Saturday 14 January 2012 12:59:10 Werner Flamme wrote:
But what does the next mailserver do? Example: userd@d.com sends a mail to his local mail server (outgoing mail relay) that is addressed TO: usera@a.com, CC: userb@b.com, and BCC: userc@c.com. This first mail server removes the BCC line, and sends the mail with the remaining TO and CC entries to the MX of c.com - this server may not compare the envelope recipient with TO: and CC: - or what? Do the servers compare with Bcc: only?
To make it clearer, let me give you an example: a mail is addressed to a@foo.com and b@foo.com, cc c@bar.com and bcc: d@baz.com The client connects to the MX for foo.com and sends in the envelope RCPT TO: a@foo.com, b@foo.com the contents of the email are To: and CC: only, not bcc. it then connects to the MX for bar.com and sends RCPT TO: c@bar.com and finally to the MX for baz.com and sends RCPT TO: d@baz.com The actual email contents are the same in all three cases, To: and CC: only, no bcc info. The only server that sees that d@baz.com gets the email is the MX for baz.com. foo@com and bar@com know nothing about this. Your client will then note that you are nowhere in To or cc, and deduce that you must have been in bcc, so e.g. kmail will then display your address as bcc. but this is a client side nicety. it is not in the actual email itself. If on the other hand it had been bcc d@foo.com instead, that final stage would have been eliminated, and the initial connection would have been RCPT TO: a@foo.com, b@foo.com, d@foo.com instead, and the mail administrator of foo.com would have been able to see d as a bcc recipient (since all is logged), but a and b when looking at their emails in their inboxes would still only have seen the actual mail contents, which as I said were always limited to To: and CC: Anders -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
[14.01.2012 13:24] [Anders Johansson]:
On Saturday 14 January 2012 12:59:10 Werner Flamme wrote:
But what does the next mailserver do? Example: userd@d.com sends a mail to his local mail server (outgoing mail relay) that is addressed TO: usera@a.com, CC: userb@b.com, and BCC: userc@c.com. This first mail server removes the BCC line, and sends the mail with the remaining TO and CC entries to the MX of c.com - this server may not compare the envelope recipient with TO: and CC: - or what? Do the servers compare with Bcc: only?
To make it clearer, let me give you an example:
Thank you, Anders!
a mail is addressed to a@foo.com and b@foo.com, cc c@bar.com and bcc: d@baz.com
The client connects to the MX for foo.com and sends in the envelope
RCPT TO: a@foo.com, b@foo.com
the contents of the email are To: and CC: only, not bcc. it then connects to the MX for bar.com and sends
RCPT TO: c@bar.com
and finally to the MX for baz.com and sends
RCPT TO: d@baz.com
The actual email contents are the same in all three cases, To: and CC: only, no bcc info. The only server that sees that d@baz.com gets the email is the MX for baz.com. foo@com and bar@com know nothing about this.
I understand your example. But... in most companies, your client will not connect to MXes directly. Instead, you use your company's mail relay server (maybe someone wants to add this nonsense "confidential" footer, or the firewall simply does not allow direct mailing) and the relay server contacts the MXes. Ah, brain is back (I hope)! Of course your client sends all those recipient addresses to the relay server, the relay "bundles" them and connects to the appropriate MXes. Is this correct?
Your client will then note that you are nowhere in To or cc, and deduce that you must have been in bcc, so e.g. kmail will then display your address as bcc. but this is a client side nicety. it is not in the actual email itself.
Yes, and Thunderbird (at least at some version) displays all the recipients, and you might have a guess now, why you are reading the mail, since you were not in the recipient list :-) And when there is no recipient in the mail at all (because some braindead sender only used bcc), you get "undisclosed-recipients;" shown in TB.
instead, and the mail administrator of foo.com would have been able to see d as a bcc recipient (since all is logged), but a and b when looking at their emails in their inboxes would still only have seen the actual mail contents, which as I said were always limited to To: and CC:
Yes, the admin, human brain and so on... Do you know any mail admin, who has even got the time to look at this? ;-) I hope I am halfway back with my brains now. Phew, it took a while :-\ Cheers, Werner -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Saturday 14 January 2012 18:54:57 Werner Flamme wrote:
I understand your example. But... in most companies, your client will not connect to MXes directly. Instead, you use your company's mail relay server (maybe someone wants to add this nonsense "confidential" footer, or the firewall simply does not allow direct mailing) and the relay server contacts the MXes.
Ah, brain is back (I hope)! Of course your client sends all those recipient addresses to the relay server, the relay "bundles" them and connects to the appropriate MXes. Is this correct?
Yes, exactly. Your client connects to the relay as though it were the final destination, and it then handles the outgoing connections, but the contents of the email never changes, and the bcc info never comes near it, that stays in the envelope
Yes, and Thunderbird (at least at some version) displays all the recipients, and you might have a guess now, why you are reading the mail, since you were not in the recipient list :-) And when there is no recipient in the mail at all (because some braindead sender only used bcc), you get "undisclosed-recipients;" shown in TB.
Exactly
Yes, the admin, human brain and so on... Do you know any mail admin, who has even got the time to look at this? ;-)
Good point :) Anders -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Anders Johansson wrote:
The client connects to the MX for foo.com and sends in the envelope
Where does the SMTP server fit in? I thought when I sent an email, it went first to my SMTP server. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Saturday 14 January 2012 14:53:28 James Knott wrote:
Anders Johansson wrote:
The client connects to the MX for foo.com and sends in the envelope
Where does the SMTP server fit in? I thought when I sent an email, it went first to my SMTP server.
It can, but then that SMTP server becomes "the client" in the above description. Some email programs connect directly to the receiving SMTP server, some connect to a local SMTP server that relays, but in both cases the procedure is the same with respect to the address handling Anders -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Saturday, 2012-01-14 at 21:13 +0100, Anders Johansson wrote:
On Saturday 14 January 2012 14:53:28 James Knott wrote:
Anders Johansson wrote:
The client connects to the MX for foo.com and sends in the envelope
Where does the SMTP server fit in? I thought when I sent an email, it went first to my SMTP server.
It can, but then that SMTP server becomes "the client" in the above description. Some email programs connect directly to the receiving SMTP server, some connect to a local SMTP server that relays, but in both cases the procedure is the same with respect to the address handling
No, the client only connects to one SMTP server, the one it is configured in the client setup, and it sends it a single copy of the email with all recipients listed. If my client tries to contact the destination smtp server (like gmail), the connection will be dropped, because I use a dynamic IP. It is this first SMTP server the one that sends to the blind recipients and removes the info. And I can contact this one because it is at my ISP and I pay them, giving me an ID and password. I can not contact directly any longer the destination servers. - -- Cheers, Carlos E. R. (from 11.4 x86_64 "Celadon" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) iEYEARECAAYFAk8SHIgACgkQtTMYHG2NR9X0LQCfUVFUN8StuBAKFHduWbgyvoSU GpwAoJhI5Uy2RsYHC1UGdDNWdOJ71UwG =Zsdl -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sunday 15 January 2012 01:23:36 Carlos E. R. wrote:
No, the client only connects to one SMTP server, the one it is configured in the client setup, and it sends it a single copy of the email with all recipients listed. If my client tries to contact the destination smtp server (like gmail), the connection will be dropped, because I use a dynamic IP.
As I say, that depends. Don't generalize from your case to the general. There are still lots of people out there who use /usr/lib/sendmail to send their mail, and that sends directly to the recipient, unless you configure it otherwise So when you say "the client only", what you really mean is "my client only". I'm sure that's true, but it isn't always the case And if you send through a relay, that becomes "the client" in my description The point is, the bcc information is not in the text of the email that gets transferred to the remote side client that reads the email Anders -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-01-15 01:50, Anders Johansson wrote:
On Sunday 15 January 2012 01:23:36 Carlos E. R. wrote:
No, the client only connects to one SMTP server, the one it is configured in the client setup, and it sends it a single copy of the email with all recipients listed. If my client tries to contact the destination smtp server (like gmail), the connection will be dropped, because I use a dynamic IP.
As I say, that depends. Don't generalize from your case to the general. There are still lots of people out there who use /usr/lib/sendmail to send their mail, and that sends directly to the recipient, unless you configure it otherwise
I do that as well. I did, till it stopped working because mail was rejected at the other end. Now my postfix only connect to a relay server at the ISP. Either my postfix removes the blind recipients and sends several copies to only one relay server at the ISP, or sends a single copy with all recipients listed to that relay. The client software in all cases sends a single copy with blind recipients listed. It shows in the log.
So when you say "the client only", what you really mean is "my client only". I'm sure that's true, but it isn't always the case
It is indeed the general case. - -- Cheers / Saludos, Carlos E. R. (from 11.4 x86_64 "Celadon" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ iEYEARECAAYFAk8SKycACgkQtTMYHG2NR9UeVQCgjPsj9+zk8bHDASpbSC+Ocx92 b90An1k4i/CwIHkULf4glAB1t9SVljXJ =pOjc -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sunday 15 January 2012 02:25:59 Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 2012-01-15 01:50, Anders Johansson wrote:
On Sunday 15 January 2012 01:23:36 Carlos E. R. wrote:
No, the client only connects to one SMTP server, the one it is configured in the client setup, and it sends it a single copy of the email with all recipients listed. If my client tries to contact the destination smtp server (like gmail), the connection will be dropped, because I use a dynamic IP.
As I say, that depends. Don't generalize from your case to the general. There are still lots of people out there who use /usr/lib/sendmail to send their mail, and that sends directly to the recipient, unless you configure it otherwise
I do that as well. I did, till it stopped working because mail was rejected at the other end. Now my postfix only connect to a relay server at the ISP.
Either my postfix removes the blind recipients and sends several copies to only one relay server at the ISP, or sends a single copy with all recipients listed to that relay.
postfix sends individual emails to each bcc recipient, whether that be through a relay or direct. They are not bundled
The client software in all cases sends a single copy with blind recipients listed. It shows in the log.
So when you say "the client only", what you really mean is "my client only". I'm sure that's true, but it isn't always the case
It is indeed the general case.
No Carlos, you are not the entire world. There are still people out there who do not do it your way. But that really doesn't matter. The whole point of this is that the receiving server does not see a list of bcc recipients, whether it is done directly in whatever program you have on your desktop or at the local outgoing smtp server you relay through, it is not the job of the receiving server to hide the bcc addresses. That was what I was responding to. Anders -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-01-15 02:44, Anders Johansson wrote:
No Carlos, you are not the entire world. There are still people out there who do not do it your way.
It is not my way. It is how thunderbird does it, and any other client you can install in linux. And I have tried a few.
But that really doesn't matter. The whole point of this is that the receiving server does not see a list of bcc recipients, whether it is done directly in whatever program you have on your desktop or at the local outgoing smtp server you relay through, it is not the job of the receiving server to hide the bcc addresses. That was what I was responding to.
That may be true. - -- Cheers / Saludos, Carlos E. R. (from 11.4 x86_64 "Celadon" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ iEYEARECAAYFAk8SxHYACgkQtTMYHG2NR9VVqgCcCSLHlf85KgkGVzynvoHfuJPe 6uQAn3CSH43ClhE5caUWchjbvVdpfU3U =7qKV -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sunday 15 January 2012 13:20:06 Carlos E. R. wrote:
It is not my way. It is how thunderbird does it, and any other client you can install in linux. And I have tried a few.
No. You can select to use /usr/lib/sendmail, at least in kmail, I haven't tried thunderbird in a while but I'd be surprised if it weren't possible there too. And if you don't do anything else with the configuration, it will then send the emails directly. Anders -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-01-15 15:29, Anders Johansson wrote:
On Sunday 15 January 2012 13:20:06 Carlos E. R. wrote:
It is not my way. It is how thunderbird does it, and any other client you can install in linux. And I have tried a few.
No. You can select to use /usr/lib/sendmail, at least in kmail, I haven't tried thunderbird in a while but I'd be surprised if it weren't possible there too. And if you don't do anything else with the configuration, it will then send the emails directly.
Directly from kmail, no, it will not. - -- Cheers / Saludos, Carlos E. R. (from 11.4 x86_64 "Celadon" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ iEYEARECAAYFAk8S4xsACgkQtTMYHG2NR9UzKACfca/5fzH1D9WSVSlMNgJuOCFo XLkAn0KKMeKui4B+Hlwbu6UIYR+NBanL =QF7g -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sunday 15 January 2012 15:30:51 Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 2012-01-15 15:29, Anders Johansson wrote:
On Sunday 15 January 2012 13:20:06 Carlos E. R. wrote:
It is not my way. It is how thunderbird does it, and any other client you can install in linux. And I have tried a few.
No. You can select to use /usr/lib/sendmail, at least in kmail, I haven't tried thunderbird in a while but I'd be surprised if it weren't possible there too. And if you don't do anything else with the configuration, it will then send the emails directly.
Directly from kmail, no, it will not.
OK, if you prefer to believe that it will magically find your relay server, I won't try to convince you Anders -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-01-15 16:14, Anders Johansson wrote:
OK, if you prefer to believe that it will magically find your relay server, I won't try to convince you
I have never said that, nor anything similar. - -- Cheers / Saludos, Carlos E. R. (from 11.4 x86_64 "Celadon" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ iEYEARECAAYFAk8S8BkACgkQtTMYHG2NR9WemgCfVljqm2DZVKfu2iZW6nc2LZmX q7gAniCeNaEBAuLTUzAsvvfyor+RBEm3 =eD7R -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Anders Johansson wrote:
On Sunday 15 January 2012 13:20:06 Carlos E. R. wrote:
It is not my way. It is how thunderbird does it, and any other client you can install in linux. And I have tried a few.
No. You can select to use /usr/lib/sendmail, at least in kmail, I haven't tried thunderbird in a while but I'd be surprised if it weren't possible there too. And if you don't do anything else with the configuration, it will then send the emails directly.
Not in a vanilla openSUSE install - sendmail (the postfix compatibility interface) will just drop mails into the MTAs queue. -- Per Jessen, Zürich (6.1°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 1/14/2012 3:06 AM, Anders Johansson wrote:
This means that other recipients of the email don't know it also went to the bcc address. They have no way of knowing about it. The information simply isn't there, so the filtering cannot be up to them.
So you didn't read the wiki article or RFC2822 either, I see..... Wiki says:
Since the hiding of the Bcc: addresses from other Bcc: addresses is not required by RFC 2822, one cannot assume the Bcc: addresses will be hidden from other Bcc: addresses. http://en.wikipedia.org/wiki/Blind_carbon_copy
Rfc2822 says: 3.6.3. Destination address fields
In the second case, recipients specified in the "To:" and "Cc:" lines each are sent a copy of the message with the "Bcc:" line removed as above, but the recipients on the "Bcc:" line get a separate copy of the message containing a "Bcc:" line.
5. Security Considerations:
When the second method from section 3.6.3 is used, the blind recipient's address appears in the "Bcc:" field of a separate copy of the message. If the "Bcc:" field sent contains all of the blind addressees, all of the "Bcc:" recipients will be seen by each "Bcc:" recipient.
http://tools.ietf.org/html/rfc2822 -- _____________________________________ ---This space for rent--- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Saturday 14 January 2012 13:00:50 John Andersen wrote:
On 1/14/2012 3:06 AM, Anders Johansson wrote:
This means
that other recipients of the email don't know it also went to the bcc address. They have no way of knowing about it. The information simply isn't there, so the filtering cannot be up to them.
So you didn't read the wiki article or RFC2822 either, I see.....
http://tools.ietf.org/html/rfc5321#section-7.2
Wiki says:
Since the hiding of the Bcc: addresses from other Bcc: addresses is not required by RFC 2822, one cannot assume the Bcc: addresses will be hidden from other Bcc: addresses. http://en.wikipedia.org/wiki/Blind_carbon_copy
Sure, one can't assume. What I described is what mail servers actually do in practice. Most of them, anyway You said it was the receiving client that stripped out bcc. That is wrong in any RFC. Most sending clients simply don't put it in, they follow the procedure I described. Receiving clients don't care, they display whatever it is they were given by the MTA Anders -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Le 01/01/2012 03:46, Mark Misulich a écrit :
the url address from the browser window, so I did that. I didn't even know that there is a share function on youtube.
the youtube share fonction gives a shortcut to the video (shorter url). There is a post template on the youtube page, but if you didn't use it it's not the problem. may you could share the video url. Some video, but I didn't think youtube was doing that, have "play" buttons with hidden functions (often "like" for facebook) jdd -- http://www.dodin.net -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (21)
-
Anders Johansson -
Basil Chupin -
C -
Carlos E. R. -
Damon Register -
David C. Rankin -
Graham Anderson -
Insomniac -
James Knott -
jdd -
John Andersen -
Kim Leyendecker -
Lars Müller -
Mark Misulich -
Michael S. Dunsavage -
Patrick Shanahan -
Per Jessen -
Peter Nikolic -
Roger Luedecke -
Tony Alfrey -
Werner Flamme