Comment by poyu
2 years ago
I’d agree this kinda defeats the purpose of using custom domains and aliases. Because ideally no one should be able to get to your original Fastmail account. I saw this too while snooping around in the headers, not sure what to think of it but it’d be great if this is completely hidden from outgoing emails.
Just to clarify, in Fastmail, you have the option to add alias email addresses to your Fastmail account. It's like in Gmail where you can add a "+" or "." after your primary email's local part, and it will still get delivered to your original Gmail inbox. This is like that but you can assign any addresses to forward to your original Fastmail account. They even advertise this as a privacy feature[0] (though I'm not sure if they have different treatment than Aliases[1])
What OP was saying is that Fastmail internally adds an email header that reveals your original Fastmail account during a process to route your emails. This header will be presented if you then reply to an incoming email sent to an alias or masked address, thus leaking your original email to the receiver.
[0]: https://www.fastmail.help/hc/en-us/articles/4406536368911-Ma...
[1]: https://www.fastmail.help/hc/en-us/articles/360060591073-How...
Your comment here is factually incorrect - the "X-Resolved-To" will not be present anywhere in the email if you Reply, or with a regular Forward.
It will only be present if you "Forward as Attachment" an email which was sent to your alias or masked address, which adds the raw MIME message as an attachment - including all headers.
(the OP did get this correct)
I just checked, and you’re right. Thanks for pointing this out!