[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] a question about e-mails

To: Remko Lodder <remko@xxxxxxxxxxxx>
Subject: RE: [Full-Disclosure] a question about e-mails
From: "Gary E. Miller" <gem@xxxxxxxxxx>
Date: Fri, 27 Feb 2004 17:28:10 -0800 (PST)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yo Remko!

On Sat, 28 Feb 2004, Remko Lodder wrote:

> I recall a message from earlier today stating an RFC about BCC,
> think it was from valdis but not sure (recieved a lot of mail and
> deleted the one i mentioned)

Here is another good passage from RFC 2822, Section 3.6.3:

   The "Bcc:" field (where the "Bcc" means "Blind Carbon Copy") contains
   addresses of recipients of the message whose addresses are not to be
   revealed to other recipients of the message.  There are three ways in
   which the "Bcc:" field is used.  In the first case, when a message
   containing a "Bcc:" field is prepared to be sent, the "Bcc:" line is
   removed even though all of the recipients (including those specified
   in the "Bcc:" field) are sent a copy of the message.  In the second
   case, recipients specified in the "To:" and "Cc:" lines each are sent
   a copy of the message with the "Bcc:" line removed as above, but the
   recipients on the "Bcc:" line get a separate copy of the message
   containing a "Bcc:" line.  (When there are multiple recipient
   addresses in the "Bcc:" field, some implementations actually send a
   separate copy of the message to each recipient with a "Bcc:"
   containing only the address of that particular recipient.) Finally,
   since a "Bcc:" field may contain no addresses, a "Bcc:" field can be
   sent without any addresses indicating to the recipients that blind
   copies were sent to someone.  Which method to use with "Bcc:" fields
   is implementation dependent, but refer to the "Security
   Considerations" section of this document for a discussion of each.

RGDS
GARY
- ---------------------------------------------------------------------------
Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701
        gem@xxxxxxxxxx  Tel:+1(541)382-8588 Fax: +1(541)382-8676
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAP+6s8KZibdeR3qURAhQBAKDRiiKZsWDek7UzkQ57ZKO/A5RFRACfVSj8
O4rha0QMPwps90eI8aqvxhw=
=bQn1
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: [Full-Disclosure] Re: OpenPGP (GnuPG) vs. S/MIME
Next by Date: Re: [Full-Disclosure] FW: Fake Email (Update)
Previous by thread: RE: [Full-Disclosure] a question about e-mails
Next by thread: [Full-Disclosure] [RHSA-2004:091-01] Updated libxml2 packages fix security vulnerability
Index(es):
- Date
- Thread