> Companies have no way of linking different Masked Email addresses together to track you.
I have received the Fastmail support response, and since they do not consider this a vulnerability, I'll post it here:
- You have a Masked Email
- You have set up forwarding from your Fastmail account to another email service
- The other email service rejects the mail for some reason
- The bounce message goes back to the original sender, and may include the email addresses along the chain after the Masked Email address.
I'm assuming the bounce message contains the X-Resolved-To header mentioned in the other HN thread linked above.
Did you request escalation?
> Companies have no way of linking different Masked Email addresses together to track you.
I have received the Fastmail support response, and since they do not consider this a vulnerability, I'll post it here:
- You have a Masked Email
- You have set up forwarding from your Fastmail account to another email service
- The other email service rejects the mail for some reason
- The bounce message goes back to the original sender, and may include the email addresses along the chain after the Masked Email address.
I'm assuming the bounce message contains the X-Resolved-To header mentioned in the other HN thread linked above.