[Top] [All Lists]

Re: 2822 To: header (was Re: [ietf-dkim] Mailing lists as 2822-Sender)

2007-12-06 05:37:28

Hector Santos wrote:

[David Skoll]
Otherwise, you risk exposing Bcc: addresses.

[Ned Freed]

[Hector Santos]
I don't see it Ned, and reviewing this is putting a hurting on my brain.

The canonical example I always like to give is:

MAIL FROM:<bigboss(_at_)example(_dot_)com>
RCPT TO:<suckers-about-to-be-fired(_at_)example(_dot_)com>

If the RCPT address is a mailing list, you may not wish to expose that
fact in the To: header.  The SMTP server does not have enough information
about the sensitivity of the RCPT argument to know whether or not it's
safe to put it in a header.

But I hope it wasn't misunderstood that we are not talking about a MSA
or MDA doing this. But a post acceptance mail processor, importer, etc,
responsible for storage the direct mail.

See above.  The SMTP RCPT argument can be sensitive.  And if you mean
adding a To: header after alias expansion, etc. then you are no longer
talking about the x821 RCPT argument.



<Prev in Thread] Current Thread [Next in Thread>