I have created a ticket with the Fastmail support asking them more details about the vulnerability you mention in your thread, I’m curious to see their response.
Well they still claim it is impossible to connect different masked emails together. If you as a sender can reliably determine the target email
address, then that claim
is untrue as well.
One concrete vulnerability is mentioned in a linked thread and described here https://news.ycombinator.com/item?id=37791500
I have created a ticket with the Fastmail support asking them more details about the vulnerability you mention in your thread, I’m curious to see their response.
There FM said:
> When forwarding an email as an attachment and later checking the headers of the attached email, I could not find the X-resolved-to header
this is odd, no? This header field should remain.
And regarding that FM Privacy First declaration, this is now 404.
Well they still claim it is impossible to connect different masked emails together. If you as a sender can reliably determine the target email address, then that claim is untrue as well.
3 replies →