SoylentNews is people
SoylentNews
We had submissions from two different Soylentils on this story about an IT worker for the company which managed Hillary Clinton's email server apparently looking for help on how to wipe email addresses.
Clinton's IT contractor sought help removing or replacing to/from addresses on archived emails
The Gateway Pundit reports:
An employee with Platte River Networks, the company in charge of Hillary Clinton's home server, who was granted immunity from Obama's Department of Justice in their investigation of Clinton, reportedly asked for assistance in July 2014 from Reddit users on how to purge emails and how to strip VIP's email address from "a bunch of archived emails":
"Hello all- I may be facing a very interesting situation where I need to strip out a VIP's (VERY VIP) email address from a bunch of archived email that I have both in a live Exchange mailbox, as well as a PST file. Basically, they don't want the VIP's email address exposed to anyone, and want to be able to either strip out or replace the email address in the to/from fields in all of the emails we want to send out. I am not sure if something like this is possible with PowerShell, or exporting all of the emails to MSG and doing find/replaces with a batch processing program of some sort. Does anyone have experience with something like this, and/or suggestions on how this might be accomplished?"
Hillary Clinton IT worker asked Reddit how to tamper with email record
Paul Combetta, the IT guy who used BleachBit to wipe email servers for Hillary Clinton, went on Reddit in July 2014 and asked this question:
Remove or replace to/from address on archived emails?
Hello all- I may be facing a very interesting situation where I need to strip out a VIP's (VERY VIP) email address from a bunch of archived email that I have both in a live Exchange mailbox, as well as a PST file. Basically, they don't want the VIP's email address exposed to anyone, and want to be able to either strip out or replace the email address in the to/from fields in all of the emails we want to send out.
Paul Combatta was given immunity by the Justice Department.
If you check the timeline you find that in July 2014 there were outstanding FOIA requests but Congress had not yet subpoenaed the email server.
One of the commenters on the Reddit thread said: "If there was a feature in Exchange that allowed this, it could result in major legal issues."
(Score: 2, Disagree) by bzipitidoo on Tuesday September 20 2016, @12:31PM
Seriously? He doesn't know how to do a search and replace? And he asked for help on Reddit?
That's hardly more than a one line Perl program: $emails =~ s/[.\w]+@[.\w]+\.\w\w+/REDACTED/g;
(Score: 5, Funny) by Marand on Tuesday September 20 2016, @12:52PM
Seriously? He doesn't know how to do a search and replace? And he asked for help on Reddit?
There's mention of Exchange being used, so probably a Windows admin. Says it all, really.
That's hardly more than a one line Perl program: $emails =~ s/[.\w]+@[.\w]+\.\w\w+/REDACTED/g;
Can you translate that to .bat? Just asking out of, um...professional curiosity. For a...friend. Yeah.
(Score: 1, Informative) by Anonymous Coward on Tuesday September 20 2016, @01:08PM
And good luck doing anything like that with a Exchange PST file. Those things are a giant mess. If ANYONE can manage to do a find an replace like that I would be highly impressed.
(Score: 5, Informative) by butthurt on Tuesday September 20 2016, @01:45PM
Convert the .pst file to a Berkeley mailbox, edit, then convert back to .pst?
https://www.techwalla.com/articles/how-to-convert-pst-to-mbox [techwalla.com]
https://gallery.technet.microsoft.com/How-To-Convert-MBOX-To-PST-81cd3a4f [microsoft.com]
(Score: 0) by Anonymous Coward on Tuesday September 20 2016, @02:18PM
You'd want it as a powershell script probably, assuming it was possible.
Once you've been managing Exchange long enough, you realize that the GUI doesn't do half the things you need. You need PS scripts or commands for everything else.
(Score: 5, Insightful) by Whoever on Tuesday September 20 2016, @02:24PM
So you are one of those website developers who doesn't know about "plus addressing"? Read RFC2822 my friend.
(Score: 3, Interesting) by Delwin on Tuesday September 20 2016, @02:49PM
It always irks me when a registration doesn't allow plus addressing. I use it extensively so I can figure out who sold my address to spammers.
(Score: 2) by jasassin on Tuesday September 20 2016, @07:28PM
I didn't know about + addressing. Wow. This is exactly the kind of epic thing I love to learn about on soylent. Thanks very much!
jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A
(Score: 3, Informative) by Marand on Wednesday September 21 2016, @02:00AM
Well, congratulations on learning about one of the most frustrating email features you'll ever encounter. Now you can suffer with the rest of us every time you try to use a + in a webpage form and then get told it's not a valid address. Every "please enter an email" type form, every service that uses email as a username, seems to have a vastly different idea of what is (or is not) an email address, and the poor maligned + is usually the first casualty. It used to be a lot worse than it is now, but gmail's use of it finally popularised it enough that you can actually use it on many sites nowadays.
But when it doesn't work it gets extremely frustrating. The worst one I've run into was a site with a sign-up form that required email address for login. The initial sign-up accepted the plus, but something on the backend didn't handle it correctly. So, I managed to successfully create an account for foo+bar@example.com, but had no way to log in because the creation process accepted the + but the login process didn't.
There's a similar trick if you use gmail: periods are ignored in addresses. So, foo.bar@gmail.com, foobar@gmail.com, and f.o.o.b.a.r@gmail.com are all valid addresses that send to foobar@gmail.com. If you run into a site that won't accept the +, you can give it a gmail address with a period in a specific spot for similar purposes as using +foo.
Both of them are great not just for seeing who's giving your address out, but also for filtering purposes.
(Score: 4, Funny) by Anonymous Coward on Tuesday September 20 2016, @04:11PM
Ok, fine.
$emails =~ s/(?:(?:\r\n)?[ \t])*(?:(?:(?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t] )+|\Z|(?=[\["()@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?: \r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()@,;:\\".\[\] \000-\031]+(?:(?:( ?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()@,;:\\".\[\] \000-\0 31]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\ ](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()@,;:\\".\[\] \000-\031]+ (?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?: (?:\r\n)?[ \t])*))*|(?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z |(?=[\["()@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n) ?[ \t])*)*\@,;:\\".\[\] \000-\031]+(?:(?:(?:\ r\n)?[ \t])+|\Z|(?=[\["()@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n) ?[ \t])+|\Z|(?=[\["()@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t] )*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])* )(?:\.(?:(?:\r\n)?[ \t])*(?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t] )+|\Z|(?=[\["()@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*) *:(?:(?:\r\n)?[ \t])*)?(?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+ |\Z|(?=[\["()@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r \n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?: \r\n)?[ \t])+|\Z|(?=[\["()@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t ]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()@,;:\\".\[\] \000-\031 ]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\]( ?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()@,;:\\".\[\] \000-\031]+(? :(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(? :\r\n)?[ \t])*))*\>(?:(?:\r\n)?[ \t])*)|(?:[^()@,;:\\".\[\] \000-\031]+(?:(? :(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)? [ \t]))*"(?:(?:\r\n)?[ \t])*)*:(?:(?:\r\n)?[ \t])*(?:(?:(?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\".\[\]]))|"(?:[^\"\r\\]| \\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^() @,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\".\[\]]))|" (?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t] )*(?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\ ".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(? :[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\".\[ \]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*|(?:[^()@,;:\\".\[\] \000- \031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|( ?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)*\@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\".\[\]]))|\[([ ^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()@,;:\\" .\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\".\[\]]))|\[([^\[\ ]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()@,;:\\".\ [\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\".\[\]]))|\[([^\[\]\ r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\".\[\]]))|\[([^\[\]\r\\] |\\.)*\](?:(?:\r\n)?[ \t])*))*)*:(?:(?:\r\n)?[ \t])*)?(?:[^()@,;:\\".\[\] \0 00-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\ .|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()@, ;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\".\[\]]))|"(? :[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])* (?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\". \[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[ ^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\".\[\] ]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*\>(?:(?:\r\n)?[ \t])*)(?:,\s*( ?:(?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\ ".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:( ?:\r\n)?[ \t])*(?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[ \["()@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t ])*))*@(?:(?:\r\n)?[ \t])*(?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t ])+|\Z|(?=[\["()@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(? :\.(?:(?:\r\n)?[ \t])*(?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+| \Z|(?=[\["()@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*|(?: [^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\".\[\ ]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)*\@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\[" ()@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n) ?[ \t])*(?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["() @,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@, ;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t] )*(?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\ ".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*)*:(?:(?:\r\n)?[ \t])*)? (?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()@,;:\\". \[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?: \r\n)?[ \t])*(?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\[ "()@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t]) *))*@(?:(?:\r\n)?[ \t])*(?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t]) +|\Z|(?=[\["()@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\ .(?:(?:\r\n)?[ \t])*(?:[^()@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z |(?=[\["()@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*\>(?:( ?:\r\n)?[ \t])*))*)?;\s*)/REDACTED/g;
(Score: 3, Informative) by bzipitidoo on Tuesday September 20 2016, @05:40PM
You sure you have the correct RFC? Should've pointed to RFC5233, as a quick search for "plus addressing" turns up in the Wikipedia entry on email addresses. There is no mention anywhere in RFC2822 of plus addressing, tagging, or sub-addressing.
(Score: 2) by maxwell demon on Tuesday September 20 2016, @10:30PM
I guess the point was that the plus sign is a valid character in an email address, no matter whether the mail server interprets it specially or not.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by Whoever on Thursday September 22 2016, @03:58AM
All I was trying to point out is that "+" is a valid character in email addresses if used before the "@" symbol. What the destination email server does with it isn't defined, and, as a website developer, you should not care about it.
There is no RFC for plus addressing and Exchange doesn't support it. Just about every other MTA supports it, including Gmail.
(Score: 3, Funny) by jummama on Tuesday September 20 2016, @07:29PM
That's what she sed