Your message dated Sat, 10 May 2014 08:40:53 +0200
with message-id <[email protected]>
and subject line Re: Bug#745798: privacy violation/ban emails reveal re-written 
addresses
has caused the Debian Bug report #745798,
regarding privacy violation/ban emails reveal re-written addresses
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
745798: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=745798
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: amavis-new
Version: 1:2.7.1-2
Severity: serious


When an email is banned due to an attachment, the ban email sent to the
sender includes the ultimate recipient's address resolved by the virtual
lookup table

This appears to be a privacy risk, as the virtual mapping contains email
addresses that may not already be known to the sender.

--- End Message ---
--- Begin Message ---
On Fri, 25 Apr 2014, Daniel Pocock wrote:

> Package: amavis-new
> Version: 1:2.7.1-2
> Severity: serious
> 
> 
> When an email is banned due to an attachment, the ban email sent to the
> sender includes the ultimate recipient's address resolved by the virtual
> lookup table
> 
> This appears to be a privacy risk, as the virtual mapping contains email
> addresses that may not already be known to the sender.
No, you should never send those mails to someone out of your domain. If you
don't want to expose this, don't send this mails.

This is entirely configurable and there is no useful option for amavis to
prevent this problem. Therefore I'll close this bug.

If you disagree feel free to reopen the bug, but imho this is a user
configuration problem and no software problem.

Alex

--- End Message ---

Reply via email to