Sunday, May 03, 2009

Worries of sending confidential mail to someone's GMail mailid

Recently we had a conversation within our office friends circle. It was shocking to note that there is an unnoticed flexibility (if we say it is bug.. but if software company like Google says it is an application flexibility) which poses threat to our security and confidentiality. A 'dot' in the mail id account name is omitted in receiver's address validation.

For example, you are having gmail id and another guy is having mail id (but below GMail answer tells it is not possible to have 2 mail ids like this in GMail but it is possible for Google Apps for Your Domain -the pay service Google offers) then both are considered for receiving the mail when someone sends mail. When some of your friend sends a confidential mail to then will also receive that. Google just provides a simple link near the name (Yes, this is you.) Learn more and escape from any issue.

Excerpts from the link:

Your address is similar but has more or fewer dots (.) or different capitalization.

    Sometimes you may receive a message intended for someone whose address resembles yours but has a different number or placement of dots. For example, your address might be, but the message was sent to a What's going on?

    Gmail allows only one registration for any given username. Once you sign up for a particular username, any dot or capitalization variations are made permanently unavailable for new registration. If you created, no one can ever register, or Furthermore, because Gmail doesn't recognize dots as characters within usernames, adding or removing dots from a Gmail address won't change the actual destination address. Messages sent to,, and are all delivered to your inbox, and only yours.

    If you're, no one owns, except for you. Sending mail to is the same as sending mail to, or even HOMERJSIMPSON@GMAIL.COM. If you're getting mail addressed to, most likely someone was trying to send a message to, or, and made a mistake. You might even get messages from mailing lists or website registrations because the intended recipient accidentally provided the wrong email address. In these cases, we suggest contacting the original sender or website when possible to alert them to the mistake.

    For security reasons, when you log in to Gmail, you must enter any dots that were originally defined as part of your username.

    Note: Google Apps recognizes dots. If you'd like to receive mail with a dot in your username, please ask your domain administrator to add the desired username as a nickname.

Here is the full link:

Learn more about the problem in :

No comments:

Post a Comment