Bug 263587

Summary: BCC addresses shows bcc's to "To:" recipient
Product: [Applications] kmail2
Reporter: ferahgo.de
Component: general
Assignee: kdepim bugs <kdepim-bugs>
Status: RESOLVED FIXED
Severity: normal
CC: a.vanloon, claudio.fwp, cordlandwehr, franz.trischberger, gandalflechner, j.zaitseff, jenslang, john, kdebugs, mail, micuintus, null, peter.pille, scl+kde, sven.burmeister, trebor_x, variosinftk
Priority: VHI
Version: 2.0.89
Target Milestone: ---
Platform: openSUSE
OS: Linux
Latest Commit:
Version Fixed In: 4.8.0
Sentry Crash Report:
Attachments: snapshot of the bug
patch to remove BCC from mail befor sent out
patch to remove BCC from mail befor sent out

Description ferahgo.de 2011-01-18 23:13:10 UTC
Version:           2.0.89 (using KDE 4.5.95) 
OS:                Linux

I just sent a mail round to some of my friends, one in To: field, the other two in BCC: field. And one of the latter complained that the To: guy could see him. This time it's not extremely bad but I now must stick a post-it to my laptop saying "never write bcc mails in kmail2" ;)
I retried by sending sth. round to my junk addresses and indeed it happens every time. GMail web interface shows it as such - in the inbox, not the sent mail:
"to X, bcc: Y, bcc: Z"

You sure agree that this is not cool? (Btw.: Actual sending works, everyone gets the mail.)

Let me know if you need any more hints to whatsoever.

Reproducible: Always

Steps to Reproduce:
1) Click "New Message"
2) Fill in the forms, enter an address in "To:", another one in "BCC:"
3) Type a subject and a body
4) Send the mail
5) Feel astonished about how BCC shows up to everyone..

Actual Results:  
Well BCC should by all means not show...
I searched the forums, nothing showed, plus I shuffled through the options - nothing that would help..

Expected Results:  
Show the To:-recipient only his/her contact data but not BCC please!

OS: Linux (x86_64) release 2.6.37-rc7-desktop
Compiler: gcc
Comment 1 Torgny Nyblom 2011-01-19 11:18:53 UTC
I cannot reproduce this using kmail-4.6.40.git.1295365191-1.1.
Please reopen if you can reproduce using a later version.
Comment 2 ferahgo.de 2011-01-20 20:31:47 UTC
4.6.40.git.1295453417-1.1 - retried. Still shows up. Are you by any chance using a gmail-account? Maybe it's something related to their SMTP server?
Comment 3 Antonis Tsiapaliokas 2011-01-21 02:15:53 UTC
Created attachment 56265 [details]
snapshot of the bug

I cannot reproduce this bug... I am using gmail... Here is some information about my KDE environment:

kde-devel@kokeroulis-desktop:~> kmail -v
Qt: 4.7.1
KDE Development Platform: 4.6.41 (4.7 >= 20110106)
KMail: 2.0.89

And here is a snapshot...
Comment 4 ferahgo.de 2011-01-21 10:28:03 UTC
But there you go, that's what I mean. You CAN see the BCC: line in your mail. And when I send messages from the webclient of my university-mail I cannot - which is the way it should be! CC of course is to be shown to the others, but not BCC, see here, quoted from [1]: 
=== Visibility===

[..] the recipient of an email can see any email address specified by the Sender in the To: or Cc: fields. If on the other hand the Sender has specified addresses in the Bcc: field, the recipient in this case cannot see these Bcc addresses. [...]The "BCC:" field (where the "BCC" means "Blind Carbon Copy") contains addresses of recipients of the message whose addresses are not to be revealed to other recipients of the message.

____
[1]= https://secure.wikimedia.org/wikipedia/en/wiki/Blind_carbon_copy#Visibility
Comment 5 ferahgo.de 2011-01-21 10:50:50 UTC
Compare: [1] vs. [2] 
Here, both mails come from the uranus.uni-freiburg.de -address and are sent To: ferahgo[xx]@gmail.com and BCC'd to the mo.[xx]@gmail.com address. 1 is the result by kmail, 2 by the web interface.
__
[1] http://www.abload.de/img/snapshot1htlk.png
[2] http://www.abload.de/img/snapshot2poq9.png
Comment 6 Torgny Nyblom 2011-01-21 15:04:16 UTC
Well I cannot reproduce this bug using my day or so old version of kmail/kde.

I'm using postfix as my mail server.

Could you attach the actual mail that has the Bcc: Header shown here as an mbox file?
Comment 7 ferahgo.de 2011-01-22 11:28:40 UTC
see here:
http://db.tt/Els1lSC (kmail) and http://db.tt/QhtVkeZ (web interface). I altered the files insofar as I've greyed out my mail addresses - sorry if that is a problem, I just have my little worries about having them online "sort of" publicly.

From my naive point of view the web interface does it as follows: It deletes the BCC: line completely from the header while sending but sends it there nonetheless - which kmail seems to handle differently. However it's maybe a simple way around: use postfix as this seems to work for you, but still..
Comment 8 Torgny Nyblom 2011-01-22 15:18:38 UTC
What sort of transport are you using for sending (SMTP/Sendmail)?
Comment 9 ferahgo.de 2011-01-22 18:56:37 UTC
SMTP:)
Comment 10 Torgny Nyblom 2011-01-23 06:12:38 UTC
Damn, there goes one theory
Comment 11 Torgny Nyblom 2011-02-23 11:00:32 UTC
I'm sorry but I cannot reproduce this or find any potential issues in the code.
Until I (or someone else) can reproduce I'm afraid fixing will be next to impossible.

One final question: could you post a wireshark dump of the message sending between your computer and your SMTP server?
Comment 12 ferahgo.de 2011-02-23 16:47:48 UTC
http://db.tt/vqlCbwO

I hope this does it? I've never done that before so I'm not too sure about it. Beware, it's a txt of ~700 KiB ..
Comment 13 RSB 2011-07-03 10:25:51 UTC
I can reproduce this bug. If I send emails with bcc, the received email contains a field bcc in the header with all email addresses.
This bug is still present in kmail 2.1.0. Any news to this topic? How can I help?
Comment 14 Christophe Marin 2011-07-18 17:30:42 UTC
*** Bug 278014 has been marked as a duplicate of this bug. ***
Comment 15 Andreas Cord-Landwehr 2011-07-21 15:36:35 UTC
Hi, just tested with kdepim 4.6.1, unfortunately I can still reproduce this bug (my original report was: https://bugs.kde.org/show_bug.cgi?id=278014). The message source of a message as received by the To-receiver looks as follows:

-------------------------

Return-Path: <phoenixx@uni-paderborn.de>
Received: from mail.uni-paderborn.de (spheron.uni-paderborn.de [131.234.200.49])
	 by mail.uni-paderborn.de (Cyrus v2.3.16-Debian-2.3.16-4) with LMTPA;
	 Thu, 21 Jul 2011 15:06:08 +0200
X-Sieve: CMU Sieve 2.3
Received: from worblehat.cs.uni-paderborn.de ([131.234.65.71] helo=worblehat.localnet)
	by mail.uni-paderborn.de with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
	(Exim 4.72 spheron)
	id 1Qjsx4-0000t0-Io; Thu, 21 Jul 2011 15:06:07 +0200
From: Andreas Cord-Landwehr <phoenixx@uni-paderborn.de>
To: cola@upb.de
Bcc: cordlandwehr@googlemail.com
Subject: bcc test
Date: Thu, 21 Jul 2011 15:06:05 +0200
Message-ID: <1866644.upYXcEeu6t@worblehat>
User-Agent: KMail/4.6.1 (Linux/2.6.39-2-686-pae; KDE/4.6.5; i686; git-8bc3fea; 2011-07-16)
MIME-Version: 1.0
Content-Transfer-Encoding: 7Bit
Content-Type: text/plain; charset="us-ascii"
X-IMT-Spam-Score: 0.0 ()
X-PMX-Version: 5.6.1.2065439, Antispam-Engine: 2.7.2.376379, Antispam-Data: 2011.7.21.125715
X-IMT-Authenticated-Sender: uid=phoenixx,ou=People,o=upb,c=de
Comment 16 Christophe Marin 2011-07-21 16:20:37 UTC
Andreas, can you try the same test but with the gmail smtp server instead.
Comment 17 Andreas Cord-Landwehr 2011-07-21 16:31:14 UTC
Return-Path: <cordlandwehr@googlemail.com>
Received: from worblehat.localnet (worblehat.cs.uni-paderborn.de [131.234.65.71])
        by mx.google.com with ESMTPS id s10sm1488206fah.46.2011.07.21.09.28.58
        (version=SSLv3 cipher=OTHER);
        Thu, 21 Jul 2011 09:28:58 -0700 (PDT)
Apparently it is not Cyrus-mail's fault ;) Here the mail, I received at the To-Receiver at the google-account:

-------------------------------------

From: Andreas Cord-Landwehr <cordlandwehr@googlemail.com>
To: cordlandwehr@googlemail.com
Bcc: cola@upb.de
Subject: BCC 5
Date: Thu, 21 Jul 2011 18:28:57 +0200
Message-ID: <100868973.f3VFht6u6I@worblehat>
User-Agent: KMail/4.6.1 (Linux/2.6.39-2-686-pae; KDE/4.6.5; i686; git-8bc3fea; 2011-07-16)
MIME-Version: 1.0
Content-Transfer-Encoding: 7Bit
Content-Type: text/plain; charset="us-ascii"
Comment 18 Andreas Cord-Landwehr 2011-07-21 16:32:54 UTC
Sorry, here with a clean mail-source:

------------------

Return-Path: <cordlandwehr@googlemail.com>
Received: from worblehat.localnet (worblehat.cs.uni-paderborn.de [131.234.65.71])
        by mx.google.com with ESMTPS id s10sm1488206fah.46.2011.07.21.09.28.58
        (version=SSLv3 cipher=OTHER);
        Thu, 21 Jul 2011 09:28:58 -0700 (PDT)
From: Andreas Cord-Landwehr <cordlandwehr@googlemail.com>
To: cordlandwehr@googlemail.com
Bcc: cola@upb.de
Subject: BCC 5
Date: Thu, 21 Jul 2011 18:28:57 +0200
Message-ID: <100868973.f3VFht6u6I@worblehat>
User-Agent: KMail/4.6.1 (Linux/2.6.39-2-686-pae; KDE/4.6.5; i686; git-8bc3fea; 2011-07-16)
MIME-Version: 1.0
Content-Transfer-Encoding: 7Bit
Content-Type: text/plain; charset="us-ascii"
Comment 19 Christophe Marin 2011-07-21 17:53:09 UTC
Tried different accounts, different settings (signed/unsigned, with/without attachment, plain/html different charsets..)

Still unable to reproduce.

no clue if you look at the message in your sent folder ?
Comment 20 Andreas Cord-Landwehr 2011-07-22 07:47:42 UTC
Hi, I wrote a mail with Icedove for comparison. Here is what I received at the
To-receiver (the Bcc-receiver is stripped correctly). Would it help to make any
kind of traces?

-------------------------------

Delivered-To: cordlandwehr@googlemail.com
Received: by 10.68.62.36 with SMTP id v4cs13861pbr;
        Fri, 22 Jul 2011 00:41:55 -0700 (PDT)
Received: by 10.223.36.89 with SMTP id s25mr1701017fad.9.1311320514615;
        Fri, 22 Jul 2011 00:41:54 -0700 (PDT)
Return-Path: <phoenixx@uni-paderborn.de>
Received: from mail.uni-paderborn.de (mail.uni-paderborn.de [131.234.142.9])
        by mx.google.com with ESMTPS id d8si3505412fak.171.2011.07.22.00.41.54
        (version=TLSv1/SSLv3 cipher=OTHER);
        Fri, 22 Jul 2011 00:41:54 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of
phoenixx@uni-paderborn.de designates 131.234.142.9 as permitted sender)
client-ip=131.234.142.9;
Authentication-Results: mx.google.com; spf=pass (google.com: best guess record
for domain of phoenixx@uni-paderborn.de designates 131.234.142.9 as permitted
sender) smtp.mail=phoenixx@uni-paderborn.de
Received: from kaffee.uni-paderborn.de ([131.234.11.196])
    by mail.uni-paderborn.de with esmtpsa (TLS1.0:RSA_AES_256_CBC_SHA1:32)
    (Exim 4.72 spheron)
    id 1QkAMq-0007AX-IO; Fri, 22 Jul 2011 09:41:53 +0200
Message-ID: <4E2929BF.4030103@uni-paderborn.de>
Date: Fri, 22 Jul 2011 09:41:51 +0200
From: Andreas Cord-Landwehr <phoenixx@uni-paderborn.de>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.16) Gecko/20110704
Lightning/1.0b1 Icedove/3.0.11
MIME-Version: 1.0
To: cordlandwehr@googlemail.com
Subject: BCC TEST 7
X-Enigmail-Version: 1.0.1
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: 7bit
X-IMT-Spam-Score: 0.0 ()
X-PMX-Version: 5.6.1.2065439, Antispam-Engine: 2.7.2.376379, Antispam-Data:
2011.7.22.73016
X-IMT-Authenticated-Sender: uid=phoenixx,ou=People,o=upb,c=de

TB generated mail
Comment 21 Torgny Nyblom 2011-07-26 18:57:09 UTC
All information about transport type and settings (not actual usernames or servers, but what boxes are ticked and what fields are used and so).

That way the code path should be possible to find and reproducing should be easier.
Comment 22 Andreas Cord-Landwehr 2011-08-31 14:49:29 UTC
Hi, after a lot of research and testing with different mail servers (where I could reproduce the bug only on some of them), I am quite sure that we hit the Exim-Bug from which also MUTT suffers: http://linuxgazette.net/182/brownss.html

My tests resulted in:
* reproducible with Cyrus mailserver
* non-reproducible with Postfix
* reproducible with Googlemail (no idea what they are using)

I hope this helps.
Comment 23 Christophe Marin 2011-08-31 16:39:44 UTC
ok reproduced with two gmail accounts and a gmx one after reading this (in french) http://www.google.com/support/forum/p/gmail/thread?tid=60c332bcebb449b1&hl=fr

basically:
from @gmx address
to/cc remains empty
bcc gmail account 1 
bcc gmail account 2

on both gmail accounts, the two bcc recipients appear
Comment 24 Christophe Marin 2011-08-31 16:49:38 UTC
...and everything works as expected with non gmail addresses. I think we should close it with upstream
Comment 25 Andreas Cord-Landwehr 2011-09-01 06:43:41 UTC
I don't think so. At least with one of my university mailservers (running Cyrus mailserver software) this problem is also present. And contrary, the Bug is not present with KMail 1. So it is a regression that should be fixed imho.
Comment 26 John King 2011-09-16 16:05:48 UTC
This bug is still present in 4.7.1

System
New installation of opensuse 11.4, updated to KDE 4.7.1

When I send emails to a single To: recipient with BCC to several other recipients (not all gmail accounts), the To: recipient can see the BCC addresses.

I have tested this with gmail smtp (smtp.gmail.com) and demon smtp (post.demon.co.uk), with the same result.

If I send the email via Yahoo smtp (smtp.mail.yahoo.co.uk) the To: recipient does not see the BCC addresses.

The bug is marked as WAITINGFORINFO.  What info is required?
Comment 27 John King 2011-09-19 16:16:40 UTC
(In reply to comment #24)
> ...and everything works as expected with non gmail addresses. I think we should
> close it with upstream

I've now tested it with 1&1 smtp server and Demon (UK) smtp server as well as Gmail, sending in each case to non-gmail addresses.  In all cases the To: recipient can see the BCC addresses, and in some cases the BCC recipients can see all the BCC addresses. This did not happen with Kmail1.

This behaviour could give us some problems as most people on our membership lists specifically request to be sent BCC as they do not want their email addresses to be open to everybody.

Is there any information I can provide that could help nail the bug?
Comment 28 Christophe Marin 2011-09-22 10:26:16 UTC
*** Bug 282536 has been marked as a duplicate of this bug. ***
Comment 29 Christophe Marin 2011-09-22 10:27:13 UTC
Note: Bug 282536 contains a wireshark log
Comment 30 Christophe Marin 2011-10-30 15:27:27 UTC
*** Bug 284812 has been marked as a duplicate of this bug. ***
Comment 31 Christophe Marin 2011-10-30 15:27:36 UTC
*** Bug 285312 has been marked as a duplicate of this bug. ***
Comment 32 Christophe Marin 2011-10-30 15:27:44 UTC
*** Bug 275154 has been marked as a duplicate of this bug. ***
Comment 33 Christophe Marin 2011-10-30 20:30:45 UTC
*** Bug 285345 has been marked as a duplicate of this bug. ***
Comment 34 Christophe Marin 2011-10-30 20:31:24 UTC
reopen
Comment 35 Jens Lang 2011-11-04 21:54:44 UTC
The same for KMail in Ubuntu 11.10: The BCC is visible to everyone.
Comment 36 Franz Trischberger 2011-11-05 17:06:21 UTC
Same for me.
Sending with web.de works (not BCC visible for recipients, only for the sending account, if it is within the bcc list)
Sending with mail.zeus02.de (UD Media) discloses all BCCs.
Sending with googlemail discloses all BCCs.
Sending done solely with kmail2.

Installed is full kde.4.7.2 (including bundled kontact/kmail).
Also tested it with full kde-4.7.3, where googlemail discloses BCCs and web.de does not.
Comment 37 Peter Pille 2011-11-07 20:42:56 UTC
Created attachment 65366 [details]
patch to remove BCC from mail befor sent out

this patch removes the BCC recipients from the message in function Message::ComposerViewBase::fillQueueJobHeaders after they have been transferred to the send job.
Disadvantage is, that you don't see the BCC recipients anymore in the message copied to the sent folder.
Comment 38 J Appel 2011-11-10 10:38:06 UTC
the bug is present in the 4.7.3 release. 

I'd very much prefer Peter's patch with not being able to see the BCC recipients in the sent folder than showing it to everyone.
Comment 39 Peter Pille 2011-11-14 08:04:58 UTC
Created attachment 65642 [details]
patch to remove BCC from mail befor sent out

using the diff tool to create the patch according to the KDE conventions this time.
Comment 40 Peter Pille 2011-11-14 08:10:29 UTC
The attached patch applies to the file kdepim/messagecomposer/composerviewbase.cpp
Comment 41 Sven Klomp 2011-11-14 22:05:53 UTC
I'm also suffering from this bug.
I'm using the smtp server by www.df.eu

Interestingly, it works as expected if I'm sending the mail not directly to persons but to mailing lists (e.g. kdepim mailing list).
Comment 42 Peter Pille 2011-11-17 13:10:17 UTC
Interesting Sven, I had the problem also with using mailing lists. That's actually how I got aware of this bug.
Comment 43 Sven Klomp 2011-11-19 10:24:59 UTC
(In reply to comment #42)
> Interesting Sven, I had the problem also with using mailing lists. That's
> actually how I got aware of this bug.

I tried the kdepim mailing list, and no BCC were visible. (Mail from 11.11.11, however, the archive is not up to date).
Comment 44 Peter Pille 2011-11-19 11:15:02 UTC
Hi Sven,

the reason might be that I'm using googlemail directly via IMAP and am not
using any smtp server on my machine.

Peter

On Saturday, 19 November 2011, 10:25:00, Sven Klomp wrote:
> https://bugs.kde.org/show_bug.cgi?id=263587
>
> --- Comment #43 from Sven Klomp <mail klomp eu>  2011-11-19 10:24:59 ---
> (In reply to comment #42)
> 
> > Interesting Sven, I had the problem also with using mailing lists.
> > That's
> > actually how I got aware of this bug.
> 
> I tried the kdepim mailing list, and no BCC were visible. (Mail from
> 11.11.11, however, the archive is not up to date).
Comment 45 Manolete 2011-11-23 21:55:03 UTC
I confirm too it's present in 4.7.3 with servers mail.gmx.com and smtp.googlemail.com.
Any possibility of having this really disturbing bug solved for 4.7.4?

Regards
Comment 46 Unknown 2011-11-24 08:26:27 UTC
This bug is definitely present in KMail 4.7.3.

Try add multiple BCC-s. KMail will separate them with comma and GMail will show all of them next to the recipient.
Comment 47 Peter Pille 2011-11-24 09:31:40 UTC
I attached a patch here recently, but got no reply from any developer so far. Does anybody know how to contact them directly?
Comment 48 Manolete 2011-11-24 18:00:47 UTC
Peter, you can try http://pim.planetkde.org/ or perhaps also forum.kde.org, but I think the most direct way is writing to the authors; their email addresses are listed in Kmail, menu Help/About Kmail/Authors (or something like that, my Kmail is in Spanish)
Comment 49 Torgny Nyblom 2011-11-24 18:13:02 UTC
For patches please use git.reviewboard.kde.org instead of bugzilla.
The noise level of bugzilla simply hides the patches so no one notices them.
Comment 50 Torgny Nyblom 2011-12-02 08:50:50 UTC
Git commit 0875ca055322fd94962ed473be0a41854e17373a by Torgny Nyblom.
Committed on 02/12/2011 at 09:43.
Pushed by tnyblom into branch 'master'.

Make sure that the Bcc header is removed

When sending a mail make sure that the Bcc header is removed before
sending the mail.

CCBUG: 263587
REVIEW: 103308

M  +4    -0    agents/maildispatcher/sendjob.cpp

http://commits.kde.org/kdepim-runtime/0875ca055322fd94962ed473be0a41854e17373a
Comment 51 Torgny Nyblom 2011-12-02 08:55:04 UTC
Git commit 468b955ec785d8dca94ae00aa982d6d1b0a86410 by Torgny Nyblom.
Committed on 02/12/2011 at 09:43.
Pushed by tnyblom into branch 'KDE/4.7'.

Make sure that the Bcc header is removed

When sending a mail make sure that the Bcc header is removed before
sending the mail.

CCBUG: 263587
REVIEW: 103308
(cherry picked from commit 0875ca055322fd94962ed473be0a41854e17373a)

M  +4    -0    agents/maildispatcher/sendjob.cpp

http://commits.kde.org/kdepim-runtime/468b955ec785d8dca94ae00aa982d6d1b0a86410
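
The behaviour discussed in comments 7 and 37 and in the commit message above (Bcc recipients stay in the SMTP envelope, the Bcc header is dropped from the transmitted message), as an added example that is not KMail or kdepim-runtime code. The names `Submission`, `prepareForSubmission`, `leaksBcc` and the sample message are hypothetical and constructed; it assumes CRLF line endings and bare comma-separated addresses.

```cpp
#include <algorithm>
#include <cctype>
#include <iostream>
#include <string>
#include <vector>

struct Submission {
    std::vector<std::string> envelopeRcpts;  // addresses for SMTP RCPT TO
    std::string wireMessage;                 // bytes sent after DATA
};

// Constructed sample: folded, upper-case Bcc header plus a body line that
// merely looks like a header and must survive untouched.
static const std::string kSample =
    "From: alice@example.org\r\nTo: bob@example.org\r\n"
    "BCC: carol@example.org,\r\n dave@example.org\r\n"
    "Subject: bcc test\r\n\r\nBcc: this line is body text\r\n";

// Assumption: bare addr-specs separated by commas (no display names).
static void addAddresses(const std::string &value, std::vector<std::string> &out) {
    std::string cur;
    for (char c : value + ",") {
        if (c == ',') { if (!cur.empty()) out.push_back(cur); cur.clear(); }
        else if (!std::isspace(static_cast<unsigned char>(c))) cur += c;
    }
}

Submission prepareForSubmission(const std::string &raw) {
    Submission s;
    std::size_t pos = 0;
    while (pos < raw.size()) {
        if (raw.compare(pos, 2, "\r\n") == 0) {  // blank line: body, copy as is
            s.wireMessage += raw.substr(pos);
            break;
        }
        std::size_t end = pos;  // one field = first line + folded continuations
        do {
            std::size_t eol = raw.find("\r\n", end);
            end = (eol == std::string::npos) ? raw.size() : eol + 2;
        } while (end < raw.size() && (raw[end] == ' ' || raw[end] == '\t'));
        const std::string field = raw.substr(pos, end - pos);
        const std::size_t colon = field.find(':');
        std::string name = field.substr(0, colon);
        std::transform(name.begin(), name.end(), name.begin(),
                       [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
        const bool isBcc = (name == "bcc");
        if (colon != std::string::npos && (name == "to" || name == "cc" || isBcc))
            addAddresses(field.substr(colon + 1), s.envelopeRcpts);
        if (!isBcc) s.wireMessage += field;  // Bcc never reaches the wire
        pos = end;
    }
    return s;
}

// Check for a received or outgoing message: true if a Bcc header is present.
bool leaksBcc(const std::string &msg) {
    return prepareForSubmission(msg).wireMessage != msg;
}

int main() {
    const Submission s = prepareForSubmission(kSample);
    for (const auto &r : s.envelopeRcpts) std::cout << "RCPT TO:<" << r << ">\n";
    std::cout << s.wireMessage;
    return 0;
}
```

Running `leaksBcc` over the message sources posted in comments 15 and 18 would flag them, while the Icedove-generated message in comment 20 would pass.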
Comment 52 Christophe Marin 2011-12-25 13:18:39 UTC
*** Bug 289732 has been marked as a duplicate of this bug. ***
Comment 53 Christophe Marin 2011-12-25 13:20:46 UTC
*** Bug 289339 has been marked as a duplicate of this bug. ***
Comment 54 J Appel 2011-12-25 14:06:56 UTC
with 4.7.4. the bug is still present for me.
Comment 55 Torgny Nyblom 2011-12-25 14:35:27 UTC
The above commit was too late for the 4.7.4 official release so distributions need to include it manually.