ietf-822

Re: draft-lilly-from-optional-01.txt

2005-02-25 12:56:41

At 07:18 23-02-2005, Bruce Lilly wrote:
Responding to your points in reverse order:

The message header field "Sender" is an originator field which is
not necessarily related to the SMTP envelope sender return path (or
similar mechanisms in protocols other than SMTP).  Consequently, it
plays no role in authentication.

I agree that the "Sender" field may not necessarily be related to the SMTP envelope sender. The field may be used for end-to-end authentication technologies. The From and/or Sender headers are the only fields available to the MUA for making any determination as to the reputation of the sending domain.

The draft addresses two separate cases where the From field is
inappropriate: 1) where the author has no Internet mailbox (this
is not a case of anonymity) and 2) where the author requires
anonymity.  In the first case, specifying a Sender field is certainly
possible, though not particularly useful (details below).  In the
second case, a Sender field may be harmful; it might directly
or indirectly (when the guys with firearms show up demanding to
know who a message's author is) defeat anonymity.  In the case of
an individual author who requires some degree of anonymity, the
claim that supplying that author's mailbox in a Sender field does not
affect anonymity doesn't bear much scrutiny.

We rarely if ever see a genuine case one in practice. Case two is interesting. The guys with firearms will show up demanding who is the message's author even if you don't include a Sender as they will have the IP address of the relay. My suggestion is to have the mailbox of the Sender in the Sender field. That does not affect the anonymity of the message's author.

The Sender field is not particularly useful; it is NEVER used
automatically in responses (RFC 822 sect. 4.4.2, also RFC 3834) --
the Reply-To field exists for support of the first case above where

I understand that the Sender field is never used in response.

So while I would carefully consider such a requirement if there's
a sound case for it, the "authentication" argument does not
constitute such a case, since message originator fields are not
intended for authentication protocol use.  Such consideration also
needs to take into account both reasons for making the From field
optional; putting information in a differently-named field does
not take anonymity into account.

My point is not about server-side authentication. Message originator fields can and may be used for authentication. Quoting RFC 822 section 4.4.2:

"This field contains the authenticated identity of the AGENT (person, system or
   process) that sends the message."

On a different note, you wrote "As such, it improves security for message authors who require anonymity." under security considerations. People requiring anonymity are better served by using anonymous remailers instead of excluding the From field from their message.

Regards,
-sm