Bowie Bailey wrote: > [EMAIL PROTECTED] wrote: >> You have now. :) From mimedefang.pl: >> >> if ($AddApparentlyToForSpamAssassin and >> ($#Recipients >= 0)) { >> push(@sahdrs, "Apparently-To: " . >> join(", ", @Recipients) . "\n"); >> } > > Hmmm... Is this header removed prior to delivery? If not, doesn't it > violate the entire idea of a BCC by letting the recipients know about > each other?
A copy of the message is made, certain headers are appended (Return-Path, Received, Apparently-To), and the copy is passed to SpamAssassin. The return result of the SpamAssassin is captured and the message copy is discarded. So the Apparently-To header is ONLY seen by SpamAssassin, and is not on the message as delivered to recipients. Based on what SpamAssassin returns, the original may have headers appended to it (X-Spam-Status, etc.) -- or the mail might be discarded, tempfailed, or rejected. It might, in theory, be possible for a clever user to be able to infer that someone was BCC'd under certain circumstances... for example, if there was a MAIL_APPARENTLY_TO_JOE_AT_EXAMPLE_DOT_COM rule. -- Matthew.van.Eerde (at) hbinc.com 805.964.4554 x902 Hispanic Business Inc./HireDiversity.com Software Engineer