John C Klensin wrote:
Whether one has a single address in a "for" clause or three,
the information disclosure risk is identical.
ACK. My proposal to remove the Apparently-To section was a bad
plan. You need something for the forward pointer to 7.2 in the
Rewriting 7.2 to address "for" issues instead of Apparently-To
could make sense, if it's not only me who missed that the "for"
can be a very similar problem.
IMO the concern that a "for" used only for one recipient could,
when absent, disclose the existence of one or more blind carbon
copies to receivers behind the same MX, is negligible compared
to a "for" disclosing directly one or all affected addresses.
And I'd still support Kari's proposal that at most one "for" as
in 82x is interesting enough, more than one can't be a good idea.