[Bf-committers] Probe Message Privacy Issue
italic.rendezvous at gmail.com
Thu Mar 1 05:01:48 CET 2018
Mailing list subscribers are already exposed on the list member page on
lists.blender.org. I am unsure if they page is protected by a script, but
they are available to anyone to see in a browser.
On Feb 28, 2018 3:37 PM, "Harley Acheson" <harley.acheson at gmail.com> wrote:
> I just got a message from the list manager with a subject of "Bf-committers
> mailing list probe message"
> I certainly understand the process and reason for the message. However, the
> contents *exposes* the email addresses of all the 50 members listed to each
> other. Yes, the message that came to me lists my own email address
> alongside 49 others.
> Not that I care that anyone here knows my email address. But normally
> organizations don't publish lists of addresses like this. It could be used
> for spam, or could be used to make an unofficial list server, as examples.
> As for the message itself, it appears that these indicate bounces from the
> mail servers of Google bouncing messages from Yahoo because of an issue
> with Yahoo's 550-5.7.1 DMARC policy. It looks like the message includes 50
> address as a maximum number as it appears to be an alphabetically-sorted
> list of gmail addresses from a-j.
> Not a big issue, but thought you should know.
> Cheers, Harley
> Bf-committers mailing list
> Bf-committers at blender.org
More information about the Bf-committers