MAJOR privacy problem with 10.7.2 Mail.app!

Discussion in 'Mac OS X Lion (10.7)' started by fluffy, Oct 16, 2011.

  1. fluffy macrumors member

    Joined:
    Aug 7, 2003
    #1
    I have reported this issue to Apple via the "submit feedback" thing, but that's such a black hole (I love how the latest version on that page is still 10.7.1). Here's my Apple Discussions post:

    https://discussions.apple.com/message/16402681#16402681

    The summary of it is that if you're using CardDAV to store your address book and your CardDAV account's "display name" is the same as your email address, Mail.app "helpfully" auto-expands your email address into the entire address book - EVEN ON THE FROM: LINE. And the latter one doesn't even appear on the local side (not even in sent mail).

    So for example, if my email address is a@example.com and I send an email to someone else, instead of the header saying:

    it says (email addresses are obviously complete fiction):

    The only way I was even aware that this was happening was that I got a bounce message from a spam filter - after I'd sent out several other emails as well. I have no idea how many bounces have ended up getting sent to my entire address book. I have no idea how many people have RECEIVED messages including my entire address book. This is frustrating and terrible and I am so very, very upset at Apple right now for allowing this "feature" to go in, in such a destructive way.
     
  2. Four oF NINE macrumors 68000

    Four oF NINE

    Joined:
    Sep 28, 2011
    Location:
    Hell's Kitchen
    #2
    First I've heard of that.. but I don't know what a CardDAV is.. Are you using MacMail? Is CardDAV your address book? :confused: Does this have anything to do with a MobileMe account?
     
  3. fluffy thread starter macrumors member

    Joined:
    Aug 7, 2003
    #3
    CardDAV is an open standard for storing and synchronizing address books. It's like CalDAV, but for address books instead of calendars. It's actually part of the same protocol suite as CalDAV.

    This has nothing to do with MobileMe.
     
  4. derbothaus macrumors 601

    derbothaus

    Joined:
    Jul 17, 2010
    #4
    Don't name a group the same as your user name. Should be solved. Also have you verified that it isn't just on kick backs that this is seen? The error reports will have more info than standard mail header (so you can troubleshoot)
     
  5. fluffy thread starter macrumors member

    Joined:
    Aug 7, 2003
    #5
    I didn't name the group the same as my username, that was the 'display name' on my CardDAV server. I was able to override that.

    And yes, I have verified it's not just on bounces (of course how would the bounce have my entire address book if Mail.app hadn't been SENDING IT to begin with?). I was able to send an email to an un-spam-protected account and the From: line included my entire address book. My "sent messages" folder shows it as having just come from me.

    OSX 10.7.1 Mail.app didn't have this problem, either. It's obviously a change they made to Mail.app recently. Why would they EVER expand the From: line, anyway? That's really the root problem.
     

Share This Page