Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[tickmike]

Protecting Your Privacy In Email Headers from your own emails (these are not the company/firms emails) !.

My Daughter has started her First job and she gets free accommodation with Free high speed internet access via the firms internal Ethernet LAN feed to an access point in her flat and I would think the Ethernet LAN feeds there admin and all other offices/shops also other employees accommodation/flats.

I could see there feed comes through a 'pfsence' Hardware Firewall.

My wife and I have just been to see her and help with some diy in her flat and I set her laptop up for the internet use and set her emails up to use an outgoing SMTP server via gmail.com    (The emails send and recieve ok ). 

I did a  speed test and got 36Mbps down and 20 up  ping 11ms .

Checking her laptops Network IP address / Gateway and DNS settings I noticed the DNS and Gateway where different and it looks like it's DNS server is the the mail server for this firm ! 
Something odd there. 
With my own Hardware Network firewall the 'Gateway' and 'DNS' are the IP's of the firewalls and not a mail servers !.

I sent some emails to herself to test they sent and received also some to my home email address.

To day I have been looking at the emails I sent to my email address at home and I am not very happy for they are advertising what place she works in her private emails and it only took less that 30 seconds googling to find out where she is from by the email headers, that is not acceptable in this day and age. 

 I can see in the mail headers 'mail.?firm.net' (the firms name where she is removed)
The website for the firm and all there Ethernet LAN  is handled via another IT. company.
 
Do you think I should contact this IT firm and ask if there setting are correct .?

[d2d4j]

Hi tickmike

I hope you don't mind, but personally I see nothing wrong with the setup or email headers

I presume, as she is using gmail, the gmail mail server is listed, so the mail.firm.url has to be the PTR on the IP address used by her connection.

I am thinking you gained the address from a Whois on the domain name as a Whois on the IP address should only show who owns the cidr range

This to me in not a security breach, as an electrol search on her, would reveal an address and there are other ways to find someone's address

Many thanks

John

[Ronski]

This to me in not a security breach, as an electrol search on her, would reveal an address and there are other ways to find someone's address

It won't if she's opted out of the open register

[sevenlayermuddle]

If using a local email client then I am not surprised that the public IP address of the client appears in the headers.   But as with so many things, I am not an expert, may stand corrected.

But if that is correct, if using gmail, and you want privacy, I would have thought that using the online webmail service rather than local client might help?

Regarding resolution to geographic address, remember that Google know the precise map coordinates of pretty much every WiFi AP in most of the world.   They can also have a good guess at the IP address associated, at any moment in time, with each AP.   Basically, every time you breathe on the Internet, if you are directly or indirectly using their services, Google can pinpoint you to within a few feet.

Of course, Google are a pillar of society in the world of technology, who only have our best interests at heart, and they would never share what they know about us with their trusted partners.   We have nothing to worry about.

[tickmike]

OK Let me try and explain a bit better as I have not in my first post.

She has used a gmail SMTP  server for sending emails for a long time while away from home at uni and has no problem with it.     It Is Not The Problem !. Forget about gmail.

1. She works for a firm lets say is called 'ThisFirm'.
2. While at my daughters in the flat provided by 'ThisFirm'.
3. Using her laptop with the internet provided by 'ThisFirm'.
4. I send myself an email (to test her emails work ok ).
5. Today I am now back at home so I read the email. Looks ok !.
6. I now look at the 'email message source' clearly IT SHOWS THE 'ThisFirm's  name

If 'ThisFirm' is giving it's staff the free use of it's internet connection it should Not be putting the firms name on the staffs Private emails .
There is something wrong with the way they have set up the internet connections for the staff.

[licquorice]

Sorry, my simplistic view would be that it's their internet it's their rules.

[d2d4j]

Hi

Many thanks, and yes, I understood I thought your first post

What is not clear, when you say putting firms name on private emails

Where and how are you seeing this

I assume from the header details, showing thusfirms IP address and corresponding PTR (RDNS), which because thisfirm runs a mail server, happens to be the same IP address and therefore your seeing the Rdns showing thisfirm domain as mail.thisfirm.url, which is a requirement of RFC

If you could post the header details but change identifiable info for thisfirm, that would help, but usually all mail servers would not strip any header details

Many thanks

John

[sevenlayermuddle]

If 'ThisFirm' is giving it's staff the free use of it's internet connection it should Not be putting the firms name on the staffs Private emails .

Why not, unless they promise not in their T&C?



Anybody providing any services on the Internet will be expecting a payback, else why would they bother?   The payback may simply be good client relations but more usually, the payback comes from selling email and IP addresses to spammers trusted partners.

I think the whole thing is deplorable, but it is not illegal.

[tickmike]

I use 'Thunderbird' email browser and I can highlight any email and go to 'view' then 'message source' and see all the details for that email.

on one of the details it says
'Received: from localhost.localdomain (mail.ThisFirm.net. [xxx.xx.xxx.202])'



When my daughter was working as an 'Interm' at a firm in Chester last year, she used there internet feed and it did not put the firms name on her private emails.
On those emails message source it says
Received: from localhost.localdomain (xx.xxx.xx.99.dynamic.dsl.as9105.com. [xx.xxx.xx.1])


Now on my daughters laptop used in her new flat on the firms LAN IP = 10.255.156.223, Gateway of 10.255.156.1 DNS 10.255.156.2
Should the gateway and DNS be the same ?.

She does not want the firms name in her private email detail source, eg say if she wanted to apply for a new job via her emails, if someone knew how to look at the emails details they could work out where she works now.

[tickmike]

Why not, unless they promise not in their T&C?

There was no T&C 

[Weaver]

You could use a different SMTP server with an encrypted and tamper-proof connection to it (SSL or similar). This is available with the email service I use which only costs about £10-20 per year (for a group of ten mailboxes and a reasonable storage allowance).

[Ronski]

I know it was only an example but don't most people list where they work now in their CV.

Would using a VPN get around the issue?

[d2d4j]

Hi

Many thanks for the example

The company are not adding their details into email

It is the external IP address has an rdns of mail,thisfirm.url,  and not a default rdns as your second example

Many thanks

John

[d2d4j]

Hi

Sorry, I also meant to answer your second question over IP settings on her lan

Those are fine, and yes, the DNS IP address can be any IP which runs a DNS server, e.g. 8.8.8.8 (Google DNS) etc...

Also, the lan IP could be different from the gateway IP as well as DNS IP, depending upon how the lan has been setup

Many thanks

John

[tickmike]

I know it was only an example but don't most people list where they work now in their CV.

It's also telling the world where she lives and That is our main concern as a parent. 

Would using a VPN get around the issue?

How ?,
 To ?  !.