
Do elaborate.




"WARNING: Fastmail Masked Email insecurity" https://www.emaildiscussions.com/showthread.php?t=81287

One concrete vulnerability is mentioned in a linked thread and described here https://news.ycombinator.com/item?id=37791500

I have created a ticket with Fastmail support asking them for more details about the vulnerability you mention in your thread. I'm curious to see their response.


There FM said:

> When forwarding an email as an attachment and later checking the headers of the attached email, I could not find the X-resolved-to header

This is odd, no? This header field should remain.

And regarding that FM Privacy First declaration, this is now 404.


Well, they still claim it is impossible to connect different masked emails together. If you as a sender can reliably determine the target email address, then that claim is untrue as well.

Where are they still claiming that?

On their Masked Email feature page https://www.fastmail.com/features/masked-email/

> Companies have no way of linking different Masked Email addresses together to track you.

I have received the Fastmail support response, and since they do not consider this a vulnerability, I'll post it here:

- You have a Masked Email

- You have set up forwarding from your Fastmail account to another email service

- The other email service rejects the mail for some reason

- The bounce message goes back to the original sender, and may include the email addresses along the chain after the Masked Email address.

I'm assuming the bounce message contains the X-Resolved-To header mentioned in the other HN thread linked above.
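An added example, not from any commenter or from Fastmail: a Python check that a Masked Email user could run over a bounce produced in their own forwarding test, listing every header that names an address other than the masked one. The sample bounce, all addresses, and the choice of the two DSN fields alongside X-Resolved-To are assumptions made for illustration.

```python
import email
import re
from email import policy

# X-Resolved-To is the header named in the thread; the two RFC 3464 DSN
# fields are an assumption about where else a forwarding target can appear.
REVEALING = ("x-resolved-to", "final-recipient", "original-recipient")
ADDR = re.compile(r"[\w.+-]+@[\w.-]+\w")

# Constructed bounce; every address and host is a placeholder.
SAMPLE_BOUNCE = """\
From: MAILER-DAEMON@mx.other.example
To: sender@shop.example
Subject: Undelivered Mail Returned to Sender
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: message/delivery-status

Reporting-MTA: dns; mx.other.example

Final-Recipient: rfc822; real.user@other.example
Action: failed
Status: 5.7.1

--b1
Content-Type: text/rfc822-headers

X-Resolved-To: real.user@primary.example
To: shop.abc123@masked.example
From: sender@shop.example

--b1--
"""

def header_blocks(msg):
    """Yield each header-bearing block, including a returned-headers part."""
    for part in msg.walk():
        yield part
        if part.get_content_type() == "text/rfc822-headers":
            yield email.message_from_string(part.get_content(), policy=policy.default)

def leaked_addresses(raw_bounce, masked_addr):
    """Return (header, address) pairs that name anything but the masked address."""
    msg = email.message_from_string(raw_bounce, policy=policy.default)
    return [(name, addr)
            for block in header_blocks(msg)
            for name, value in block.items() if name.lower() in REVEALING
            for addr in ADDR.findall(str(value)) if addr.lower() != masked_addr.lower()]
```

An empty result for a real test bounce means none of the inspected fields disclosed the chain; it says nothing about addresses quoted in the human-readable part of the bounce.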


Thanks. I agree. The privacy claim is contradicted by Support's "may include the email addresses along the chain". I note though that I got the opposite answer from Support.

Did you request escalation?



