It is pretty apparent that they have done large scale traffic analysis of mail for many years now, but being able to detect contraband in the flow of mail is different than creating topologies of addresses. It is a great reason why vendors should never use the same return address twice though. But then you open yourself up to statistical analysis, look at how much more often this person gets mail from random names in the same state versus the average, why would that be Maybe the best bet is to use a single real return address with one per customer. That avoids linkability if one pack is seized while still allowing for you to not receive mail in suspicious patterns. Of course it also means each vendor you work with needs to have saved somewhere the return address they use for you though.