In a recent revelation, it has emerged that the Ministry of Defence (MoD) has identified 55 emails that were incorrectly sent to the .ML top-level domain, which belongs to the African nation of Mali, since January 2022.

The information came to light in a response to a written parliamentary question.

“The Ministry of Defence takes the security of our people, our information and our systems very seriously. While all sensitive information is shared on systems which would prevent such misdirection, policies are put in place on all email systems to minimise the risk of such mistakes,” stated Andrew Murrison, The Parliamentary Under-Secretary of State for Defence.

Further clarifying, he mentioned, “Investigations are still ongoing however to date, we have identified 55 emails that have been sent to the .ML top level domain since January 2022. Of these, it is assessed that 15 were misdirected emails, that were destined for a .MIL address. We are confident that this small number of emails did not contain any technical data or information that could compromise operational security. Seven of these were sent in 2022, and eight in 2023.”

For context, over the past ten years, many emails that were intended for the .mil US military addresses were mistakenly directed at .ml addresses due to a single-character error.

This mishap potentially redirected sensitive data like medical records, identity documents, and maps of military installations, although not all such emails reached their unintended .ml recipients.

Avatar photo
George has a degree in Cyber Security from Glasgow Caledonian University and has a keen interest in naval and cyber security matters and has appeared on national radio and television to discuss current events. George is on Twitter at @geoallison
Notify of

Inline Feedbacks
View all comments

farouk (@guest_751495)
8 months ago

I first came across this story in July when Johannes Zuurbier the Dutch bloke who has a contract to manage Mali’s country domain went public regards the missent mail he receives due to been misdirected to Mali through a “typo leak” as mentioned above by the omission of the middle i in Mil. He states he has been receiving such misdirection’s for over 10 years and despite him contacting the US gov regards these misdirection’s, he still receives up to 1000 emails a day from all over the world. The reason he went public is on the 24th of July… Read more »

Last edited 8 months ago by farouk
Uninformed Civvy Lurker
Uninformed Civvy Lurker (@guest_751502)
8 months ago
Reply to  farouk

It should take 2 minutes to put a rule on the MOD email servers to return any emails sent to a Mali email address back sender saying “Did you mean to send an email to Mail – contact IT if you really want to email Mali”

Supportive Bloke
Supportive Bloke (@guest_751851)
8 months ago

Exactly so.

Incomprehensible that there are not blocked suffix lists.

Most organisations have them in some way shape or form.

Graham Moore
Graham Moore (@guest_751894)
8 months ago

Why didn’t these emails bounce back as undeliverable?
Surely Mali does not have email addresses that are exactly the same as UK ones before the ampersand?

Uninformed Civvy Lurker
Uninformed Civvy Lurker (@guest_752432)
8 months ago
Reply to  Graham Moore

Catch-all, also known as “accept-all” is a domain-wide setting mail server that is configured to accept all emails sent to the domain, no matter if the specified mailbox exists or not.

It would take me 2 mins about £20 a year to set up any email address I wanted and accept and forward all email to me.

Graham Moore
Graham Moore (@guest_752594)
8 months ago

Thanks. Thats a new one on me.