Originally Posted by
fqtv_kraven
To cope with spam and their sources, I distribute a unique email ID with any company I communicate with. Since a few weeks, I noticed that I receive spam on the email address used for communication with Etihad. With spam I don't mean the usual newsletters, I mean the real annoying stuff like casinos and pills.
Since I have not saved the email address locally, the only explanation for this is that Etihad allegedly sold my address including other data like my name.
I filed a privacy data request through my business connect account, but haven't heard from them yet.
Originally Posted by
Agent69
Your complaint is like somebody sending their credit card details to a hotel by e-mail and then complaining that it must be the hotel that made them public.
The problem with e-mails is that after they leave your computer they go through a variety of third party servers before they get to their destination. All of these servers have access to your details.
You really should check out the facts before making unsubstantiated allegations. And as for stating that your details have been sold, what evidence do you have of that?
Hmmm, what do you do when you are both partly wrong, and both partly right.....?
Is your E-Mail address completely private if you are using internet E-Mail?
Nope, it is obviously visible to every router in the path from your mail server to the destination mail server.
Are there any documented cases of E-Mail addresses being harvested by transit routers?
none that I'm aware of....
So, I'll avoid chastising the OP and instead try and dig deeper into the problem...
The real answer is,
it depends... I do the same trick. in that I've got a different mail alias (virtuser, if you are a sendmail type) for every list I subscribe to,
and (and this is a
big and) I control my local mail server, so I have control over how my E-Mail is routed, and I know that it doesn't go through an ISP or AV transit server. In my case, if "kenf,
[email protected]" started getting a huge wodge of SPAM, I'd be having hard words with IB over the issue, as the balance of probabilities is that IB/FT would have had a data breach of some description (to be clear, I
don't get spam on my FT alias, and, to my knowledge, FT are whiter than white).
So, in order to decide the relative likelihood of it being Etihad or "the Internet" at fault, we'd need to know:
Who is your E-Mail provider? If you run your own mail server, what MTA and OS do you use, and are you sure you deliver "direct to MX", or does your mail go via an ISP transit server?
Does Etihad's mail server offer secure SMTP? If so, does it have a signed certificate? Will your Mail server use SSL if offered? (If so, transit routers can't see the envelope, and the case for it being the responsibility of the recipient just got a big boost)
What format do you use for your "one time" E-Mail addresses? Are they short (5 chars or less)? Do they use an easily guessable format? do they all use the same domain?
Have you recently had SPAM on any of your other aliases? If they are in a simple format, you may have fallen prey to a random SPAM attack (our server logs are full of attempts to send to "
[email protected]", followed by "aaaab"..... and so on, so, if your alias recipe is too simple you may find your E-Mail aliases are being discovered by exhaustion (BTW, don't try this on
our mail server, as the front-end firewall application will have you blacklisted before you get to "aaaad").
Have you checked the Etihad Mail server's MX record? Where does it route? does it go straight to an MTA on Etihad's network? An ISP server? Something like "mailscanner-a1.mcafee.com" (an outsourced AV front-end)? (To be clear, if Etihad has bought a "cheap and nasty" cloud E-Mail or AV service, and this is compromising security, then as far as I'm concerned, it is still their fault, but you still need to know who to point the finger at!).
However, of course, the biggest test is "has anyone else on FT recently started to get lots of SPAM on the address they gave to Etihad?" - which is the real power of the forums!
Ken.
Willard the Bear - I get lots of SPAM on my E-Mail address, maybe I should stop giving out my card to everyone I meet?