[Top] [All Lists]

Re: [Fwd: [secdir] secdir review of draft-ietf-sieve-notify-mailto-07.txt]

2008-03-26 17:24:33

[Hannes Tschofenig <Hannes(_dot_)Tschofenig(_at_)gmx(_dot_)net>]:
   o  The "Received:" fields from the triggering message MAY be retained
      in the notification message, as these may help detect and prevent
      mail loops.  The "Auto-Submitted" header field MUST be placed
      above these (see Section 2.7.1).  URI headers with hname
      "received" are considered unsafe, and will be ignored.

Why is this a MAY and not a MUST? 

normal bounces do not copy Received fields, either.  RFC 3464 is silent
on this issue, but the example messages do not contain "extraneous"
Received fields.  of course DSNs have null envelope-from, which is a
better safeguard.

as long as the implementation adds Auto-Submitted and make sure not to
respond to Auto-Submitted messages, the risk of a loop is very small,
even if other autoresponders have never heard of that header.  they will
need to actively remove that header field to cause a loop, and if an
implementation is that broken, who knows what it'll do to Received?

the notification is a freshly generated message, so to me it is "lying"
about the message's origins to include Received fields which are really
about another message.

Kjetil T.

<Prev in Thread] Current Thread [Next in Thread>