interesting development, will FM add this

digp · 24 Nov 2013, 06:00 AM

http://www.vfemail.net/faq.php#twentyone

What is the Metadata Mitigator™?
In short, it prevents the NSA (or any other eavesdropper) from tracking your communications back to you, or profiling your communications, based on email 'envelope' information.

The long version with all the details:
Email is in plain text by default. It is also structured much like regular postal mail. The email you compose is essentially 'stuffed' into an envelope. On that envelope is written the sender and the recipient. During delivery, servers then add the 'postmark' (timestamp and sending IP), just like the post office does. That information is called 'metadata'. It can be read almost as easily as you can read the outside of a sealed envelope. Except with email, that data can be stored in logs for any amount of time, and any government agency can request that data and practically be assured they will receive it. The United States National Security Agency in 2013 has been exposed as collecting and using that data to catalog email traffic and create associations based on who is communicating with whom.
VFEmail's Metadata Mitigator™ automatically rewrites the 'From' address on the envelope to a unique address for each email sent - creating virtual forwarding PO Boxes - which renders the gathering and cataloging useless as your real email address is never shown. Your recipients will still see the email is from you (they have 'opened' the envelope), and they can reply to your regular address without any addiitonal steps. No changes need to be made to your email client to enable this feature either. In addition, any bounced or rejected email will still be returned to you. This feature is availabe, and automatically enabled, for all Gold and Platinum users.

Also will FM use data centers outside the US of A.?

kijinbear · 24 Nov 2013, 02:50 PM

Sounds rather useless, unless there's more to it than what I can guess from the short description.

The NSA will simply adjust their strategy (if they haven't already) and start analyzing the headers instead of the envelope address. After all, if the envelope address is not encrypted, the headers won't be encrypted either. The headers also contain a lot more valuable information, such as the IP address and/or timezone of the sender.

Lots of newsletter sending apps use VERP (variable envelope return path) to generate a unique envelope address for each email. This makes it easier for them to process bounces, rejections, and unsubscribes. Many web hosting companies also use their own server & account names in the envelope, rather than the sender's email address. This helps them respond to spam more effectively. The technology to alter envelope addresses is as old as email itself. It's not a new trick at all, and I'm sure the NSA knows how to handle it.

24 Nov 2013, 06:00 AM	#1
digp Master of the @ Join Date: May 2003 Posts: 1,320	interesting development, will FM add this http://www.vfemail.net/faq.php#twentyone What is the Metadata Mitigator™? In short, it prevents the NSA (or any other eavesdropper) from tracking your communications back to you, or profiling your communications, based on email 'envelope' information. The long version with all the details: Email is in plain text by default. It is also structured much like regular postal mail. The email you compose is essentially 'stuffed' into an envelope. On that envelope is written the sender and the recipient. During delivery, servers then add the 'postmark' (timestamp and sending IP), just like the post office does. That information is called 'metadata'. It can be read almost as easily as you can read the outside of a sealed envelope. Except with email, that data can be stored in logs for any amount of time, and any government agency can request that data and practically be assured they will receive it. The United States National Security Agency in 2013 has been exposed as collecting and using that data to catalog email traffic and create associations based on who is communicating with whom. VFEmail's Metadata Mitigator™ automatically rewrites the 'From' address on the envelope to a unique address for each email sent - creating virtual forwarding PO Boxes - which renders the gathering and cataloging useless as your real email address is never shown. Your recipients will still see the email is from you (they have 'opened' the envelope), and they can reply to your regular address without any addiitonal steps. No changes need to be made to your email client to enable this feature either. In addition, any bounced or rejected email will still be returned to you. This feature is availabe, and automatically enabled, for all Gold and Platinum users. Also will FM use data centers outside the US of A.?

24 Nov 2013, 02:50 PM	#2
kijinbear Cornerstone of the Community Join Date: Mar 2011 Location: ~$ Posts: 652	Sounds rather useless, unless there's more to it than what I can guess from the short description. The NSA will simply adjust their strategy (if they haven't already) and start analyzing the headers instead of the envelope address. After all, if the envelope address is not encrypted, the headers won't be encrypted either. The headers also contain a lot more valuable information, such as the IP address and/or timezone of the sender. Lots of newsletter sending apps use VERP (variable envelope return path) to generate a unique envelope address for each email. This makes it easier for them to process bounces, rejections, and unsubscribes. Many web hosting companies also use their own server & account names in the envelope, rather than the sender's email address. This helps them respond to spam more effectively. The technology to alter envelope addresses is as old as email itself. It's not a new trick at all, and I'm sure the NSA knows how to handle it.