In <87is4hygqj(_dot_)fsf(_at_)windlord(_dot_)stanford(_dot_)edu> Russ Allbery
<rra(_at_)stanford(_dot_)edu> writes:
Charles Lindsey <chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk> writes:
Russ Allbery <rra(_at_)stanford(_dot_)edu> writes:
What do you mean by "altogether breaks"?
Yes, "altogether breaks" was possibly an exaggeration.
It looks to me like it causes
sendmail to corrupt the message by introducing a spurious From header
with no actual content ...
Yeah, that was ambiguous. I meant that it contained no useful semantic
content that wasn't already available, not that the header was completely
empty.
The problem is that the content it creates may _look_ like useful semantic
content (i.e. it leads the recipient to believe that it _did_ come from
that address - it might even be an address the recipient already
recognises).
I get all of that. It doesn't bother me, frankly; whenever any
modification is made to a standard in the area of previously undefined
behavior, some existing software isn't going to be immediately up-to-date.
sendmail has for years violated many existing best practices for MTAs, and
it shouldn't be at all surprising that it doesn't support new drafts that
depend on those best practices.
Indeed, if you change a standard, you may expect slightly odd things to
happen when seen by existing software. The question to address, therefore,
is which of the likely "odd things" will be most acceptable to typical
users, and to choose a standard modification which leads to such an
acceptable behaviour.
In the present case, what we want is that the recipient is made
immediately aware that the message was from an anonymous source. Ideally,
he would see "ANONYMOUS MESSAGE" in big red letters, but existing
software is unlikely to provide that :-( .
Now it will be clear to him if he sees:
No From line at all
A From line with obviously unusable contents, such as
From: <>, or
From: "Mickey Mouse" <>, or
From: "Mickey Mouse"
It will be less clear to him (but probably acceptable) if he sees
something recognisable as an improper or unusual address, such as:
From: <me(_at_)privacy(_dot_)net>, or
From: <mickey(_at_)mouse(_dot_)invalid>, or
From: <unrecognized(_at_)isp(_dot_)example>, or even
From: ietf-822-owner(_at_)imc(_dot_)org
But it would be a Bad Thing if he were to see an address which looked like
a genuine sender, such as
From: Russ Allbery <rra(_at_)stanford(_dot_)edu>, or even
From: MAILER-DAEMON(_at_)stanford(_dot_)edu
On looking into what sendmail actually does, I see now that it takes the
envelope From and constructs a From: header from it (and if the envelope
is <>, it creates no From header at all). That is not as evil as I had
first thought. But we may be sure that, taking sendmail, all the other
MTAs out there, and all the various existing gatewaye, listservs, etc out
there, you are going to get a variety of invented From headers, some of
which will certainly mislead your average non-technical reader.
Whereas, if you modify the From header syntax to allow some explicit
indication of anonymity (such as "<>"), then the worst that will happen is
that some agent will drop the whole message on the floor (I think that
most unlikely, given the propensity of existing agents to "mend" things
rather than drop them), or else it will omit the header (not too bad), or
change it to X-From: <> (not too bad either).
So the question to address is which is the least of the various inevitable
evils? The (quite likely) possibility that the reader will be misled, or
the (most unlikely) possibility that the message will fail to arrive?
He claims that it will do no harm to the existing network. We already
have one counter example to that,
We do? Please, by all means, fill us in! Or do you consider addition of
a spurious header by sendmail to be harm, in which case I'm completely
mystified by the definition of harm that you're applying?
I think anything that misleads the reader can justifiably be regarded as
"harm".
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131 Fax: +44 161 436 6133 Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk Snail: 5 Clerewood Ave,
CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5