[108202] in Cypherpunks


what is X-UIDL mail header?

daemon@ATHENA.MIT.EDU (Adam Back)
Mon Feb 8 20:16:46 1999

Date: Tue, 9 Feb 1999 00:57:13 GMT
From: Adam Back <aba@dcs.ex.ac.uk>
To: cypherpunks@cyberpass.net
Reply-To: Adam Back <aba@dcs.ex.ac.uk>


Does anyone know what the X-UIDL mail header is for?  And which
clients produce it?

Unsolicited bulk mail people seem to use it a lot, and from grepping
my cypherpunks mail folder I see the odd message to this list includes
it.

The reason for the interest is that I got a complaint of a message
delivered through the swiss remailer which included an 'x-sender'
field, which looked to accidentally leak the originator's email.  This
rather removes anonymity, so I am trying to track down what could
cause it.

======================================================================
Message-ID: <xxxxxxxxxxxxxx.xxxx.qmail@hades.rpini.com>
From: Anonymous <nobody@remailer.ch>
Comments: This message did not originate from the Sender address above.
        It was remailed automatically by anonymizing remailer software.
        Please report problems or inappropriate use to the
        remailer administrator at <admin@remailer.ch>.
Subject: XXXXXXXXXXXXXXXXXXXXXXXXXXX
To: XXXXXXXX@XXXXX.XXX
Content-Type: text
X-Mozilla-Status: 9001
X-Mozilla-Status2: 00000000
X-UIDL: ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ

x-archive: no
x-sender: AAAAAAA@AAAAA.AAA
x-anon: yes
[message]
======================================================================

The x-sender looked realistic, though it is usually uppercase
"X-Sender".  x-archive: is odd, the correct form is "X-No-Archive:
yes" I think.

That a message sent via a mixmaster remailer would include an
X-Mozilla-Status header is itself a bit of a puzzle.  One suggestion
was that it might have been sent earlier in the chain via a type I
remailer, and some type I remailers automatically re-send via one or
more type II remailers to increase security.

An alternate plausible explanation is that the leak was a fake
intended to get the recipient to complain to the x-sender address.

Adam
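
An added example, not part of the message above or of any remailer's code: a small Python audit of a delivered message like the one quoted. It separates headers that a recipient's mail client or POP3 store writes into the local copy from header-like lines left at the top of the body, and flags the ones that can name an originator. The header lists, the function name `audit` and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string

# Headers written into the recipient's local copy by the mail client or POP3
# store, not by any remailer (Netscape/Mozilla folder flags, POP3 UIDL cache).
LOCAL_STORE = {"x-mozilla-status", "x-mozilla-status2", "x-uidl", "status"}
# Headers that can name the originator (assumed audit list, extend as needed).
IDENTITY = {"x-sender", "sender", "reply-to", "x-originating-ip"}
HEADER_LIKE = re.compile(r"^([A-Za-z][A-Za-z0-9-]*):\s*(.*)$")
ADDRESS = re.compile(r"[^\s<>@]+@[^\s<>@]+\.[^\s<>@]+")

def audit(raw):
    """Return (where, kind, name, value) findings for one delivered message."""
    msg = message_from_string(raw)
    findings = []
    for name, value in msg.items():
        low = name.lower()
        if low in LOCAL_STORE:
            findings.append(("header", "local-store", name, value))
        elif low in IDENTITY:
            findings.append(("header", "identity", name, value))
    # Pseudo-headers: header-like lines at the top of the body that were
    # delivered as ordinary text instead of being consumed as headers.
    for line in msg.get_payload().splitlines():
        m = HEADER_LIKE.match(line)
        if not m:
            break
        name, value = m.groups()
        leak = name.lower() in IDENTITY or ADDRESS.search(value)
        findings.append(("body", "identity" if leak else "pseudo-header", name, value))
    return findings

# Constructed sample modelled on the redacted message quoted above.
SAMPLE = """\
From: Anonymous <nobody@remailer.example>
To: recipient@example.org
Content-Type: text
X-Mozilla-Status: 9001
X-Mozilla-Status2: 00000000
X-UIDL: 0123456789abcdef0123456789abcdef

x-archive: no
x-sender: someone@example.com
x-anon: yes
Body text starts here.
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep=" | ")
```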

