[Top] [All Lists]

Re: [ietf-smtp] [Shutup] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

2015-11-30 11:29:29
At 2:53 PM -0800 11/29/15, Jim Fenton wrote:

 On 11/29/2015 09:12 AM, Chris Newman wrote:

I oppose the current shutup charter text and draft-josefsson-email-received-privacy as both promote the elimination of mechanisms that protect users from fraud and abuse.


Also agree.

  and to be more specific:

The proposed charter speaks of Received header fields leaking address information that can expose user location. Yes, they can. But, in general, that information is essential to identifying spoofed header fields: it's by tracing the chain of "from" addresses in Received header fields that one can determine that someone is attempting to do something fraudulent.

Very true. It seems to me that every few years, proposals are made to effectively destroy 'Received' header fields without understanding how and why they are so useful.

Further, I don't have a lot of sympathy for organizations that rely on the secrecy of their network topologies as an essential security component. We're trying to increase the trust in email, not reduce it.

Agree. This is security through obscurity, and generally promoted by people who can't explain how it really helps.

draft-josefsson-email-received-privacy mentions the issue of senders' locations appearing on mailing lists and in mailing list archives. I have long felt that we are conflicted on whether the output of a mailing list is a new message or the same as the one sent to the mailing list. It usually has a different MAIL FROM address, and often has text added to the message body, which I would think is enough of a change to make it a new message. Yet the Message-ID and Received header fields are preserved. I would think that an entire new message should be created, a new Message-ID assigned, and DKIM signed by the mailing list's domain (of course!). Only selected header fields would be transferred to the new message. The original incoming header fields should be available only to the list administrators, who deal with abuse issues.

This assumes that each mailing list has the best possible spam filtering and does the best possible job detecting forged header fields. Since that isn't the case, we need to permit each mailing list subscriber to see how a message was sent to the list.

Randall Gellens
Opinions are personal;    facts are suspect;    I speak for myself only
-------------- Randomly selected tag: ---------------
When I was younger, I could remember anything, whether it had
happened or not.                                --Mark Twain

ietf-smtp mailing list

<Prev in Thread] Current Thread [Next in Thread>