Comment by tmarice

1 month ago

One concrete vulnerability is mentioned in a linked thread and described here https://news.ycombinator.com/item?id=37791500

I have created a ticket with the Fastmail support asking them more details about the vulnerability you mention in your thread, I’m curious to see their response.

5 comments

tmarice

chrisjj 1 month ago

There FM said:

> When forwarding an email as an attachment and later checking the headers of the attached email, I could not find the X-resolved-to header

this is odd, no? This header field should remain.

And regarding that FM Privacy First declaration, this is now 404.

tmarice 1 month ago
Well they still claim it is impossible to connect different masked emails together. If you as a sender can reliably determine the target email address, then that claim is untrue as well.
- chrisjj 1 month ago
  
  Where are they still claiming that?
  
  2 replies →