www.ritlabs.com [Topic: Security leak - Local hostname exposed to gmail] http://www.ritlabs.com New posts in Security leak - Local hostname exposed to gmail of forum at www.ritlabs.com [www.ritlabs.com] en http://backend.userland.com/rss2 Fri, 02 Nov 2018 10:04:47 +0200 Security leak - Local hostname exposed to gmail Security leak - Local hostname exposed to gmail When sending email, gmail writes down computer's local network name in email header together with public one in forum The Bat! - Configuring the E-mail Client.
Thanks Daniel!

Filed a request to them https://www.ritlabs.com/en/support/ticket_edit.php?ID=80303
02 November 2018 10:04:47, V D.]]> http://www.ritlabs.com/en/forums/forum4/topic13555/message46414/ http://www.ritlabs.com/en/forums/forum4/topic13555/message46414/ Fri, 02 Nov 2018 10:04:47 +0200 The Bat! - Configuring the E-mail Client Security leak - Local hostname exposed to gmail Security leak - Local hostname exposed to gmail When sending email, gmail writes down computer's local network name in email header together with public one in forum The Bat! - Configuring the E-mail Client.
I'm seeing internal server names in message headers all the time and some are actually quite entertaining. If you believe this is a security risk (and it's not required by some RFC standard), I'd recommend that you file a bug report to Ritlabs through the Support menu above. This is mainly a user-to-user forum and the developers might not see your comments, or only much later.
02 November 2018 01:57:13, Daniel van Rooijen.]]> http://www.ritlabs.com/en/forums/forum4/topic13555/message46402/ http://www.ritlabs.com/en/forums/forum4/topic13555/message46402/ Fri, 02 Nov 2018 01:57:13 +0200 The Bat! - Configuring the E-mail Client Security leak - Local hostname exposed to gmail Security leak - Local hostname exposed to gmail When sending email, gmail writes down computer's local network name in email header together with public one in forum The Bat! - Configuring the E-mail Client.
Using the latest The Bat Voyager 8.4.0.6 , as well as some 5-year-old version leads to this unexpected security leak. How to reproduce:
1) Use Gmail IMAP account in Voyager
2) Send an email
3) Sync [GMAIL]\Sent Mail folder with IMAP in The Bat, your message will appear there.
4) Open message header, you will see you local computer hostname (LOCALPC1.LOCALDOMAIN.LOCAL) together with global one, somthing like that: ====code==== 
Received: from LOCALPC1.LOCALDOMAIN.LOCAL (ppp183-37-15-165.pppoe.vodafone.eg [183.37.15.165])
        by smtp.gmail.com with ESMTPSA id k1-v6sm354328221lja.59.2018.11.01.12.43.31
        for <xxxxxxx@xx.xx>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
        Thu, 01 Nov 2018 12:43:32 -0700 (PDT)
============= I find this pretty much unacceptable to expose internal computer name to the public because it may contain come interesting information as well. What can be done to fix or investigate that?

Thanks

P.S. Your server sending emails to furum users is not vulnerable and is hardened on this issue not exposing any internal names:
====code==== 
Received: from mail.ritlabs.com ([127.0.0.1])
        by localhost (mail.ritlabs.com [127.0.0.1]) (amavisd-new, port 10024)
        with ESMTP id I5x0XOta0_kX; Thu,  1 Nov 2018 22:08:56 +0200 (EET)
Received: from www.ritlabs.com (unknown [10.10.11.24])
        by mail.ritlabs.com (Postfix) with ESMTP id 7E3032601C4;
        Thu,  1 Nov 2018 22:08:56 +0200 (EET)
=============


01 November 2018 22:25:18, V D.]]> http://www.ritlabs.com/en/forums/forum4/topic13555/message46399/ http://www.ritlabs.com/en/forums/forum4/topic13555/message46399/ Thu, 01 Nov 2018 22:25:18 +0200 The Bat! - Configuring the E-mail Client