JVNDB-2005-000772

Inappropriate interpretation of mailto URL scheme by mail client software

The mailto URL scheme is used to designate the Internet email address on a web page. Specifying an email address and body text using the mailto URL scheme gives a template for a mail message. Many mail clients have a function to set a field specified by the mailto URL scheme in a mail header.

RFC2368 defining the mailto URL scheme points out the followings in its Security Considerations section.

- A mail client should never send anything without complete disclosure to the user of the full message created based on descriptions of the mailto URL scheme
- It should explicitly display any headers along with the message destination.
- It is inappropriate to set a header related to mail delivery based on descriptions of the mailto URL scheme

However, some mail clients set the header related to mail delivery based on descriptions of the mailto URL scheme or do not explicitly display the full header.

We published this issue on JVN in coordination with developers, to publicize the issue to users and mail client developers.

Edcom Inc.

• EdMax Ver3.05 and earlier
• EdMax Free Ver2.85.5F and earlier

Allied Telesis

• AT-Mail Server

Orangesoft Inc.

• Winbiff V2.43PL1 and earlier

JustSystems Corporation

• Shuriken Pro3
• Shuriken Pro4

RIMARTS

• Becky! Internet Mail Ver.2.21.01 and earlier

Saitoh Kikaku

• Hidemaru Mail Version4.12 and earlier

An email message may be sent to recipients to whom the user does not intend to send it.

Edcom Inc.

• EdMax Security Hall : 2005/05/26 (Japanese)

Allied Telesis

• Allied Telesis : 20050620 (Japanese)

Orangesoft Inc.

• Orangesoft : V2.43PL1�`V2.50 (Japanese)

JustSystems Corporation

• Shuriken Support Desk : shuriken (Japanese)

RIMARTS

• Becky! Internet Mail : Becky! Internet Mail Ver.2 (2.21.02)

Saitoh Kikaku

• Hidemaruo's Homepage : news2005 (Japanese)

1. JVN : JVN#FCAD9BD8
2. IETF : RFC2368: The mailto URL scheme

• [2008/05/21]
    Web page published