Tuesday, Dec 1, 2015 8:13 AM Paul Smith wrote:
> Once that document exists, then no one will add the trace fields, because
> people are paranoid (often rightly so, but not, I believe, in this case).
> They won't read the document fully. It may say 'you can remove IP address
> information from trace headers, but should think long and hard about it
> because doing so may come back to bite you and leaving the information in has
> minimal risk unless you're so stupid you haven't bothered with a firewall'.
> They'll get as far as the first comma, and stop.

I had no idea RFCs were so powerful.

> To be honest, I'm (pleasantly) surprised IP address information is still put
> in Received headers nowadays. IMHO, the fact that it is suggests that there's
> a very good reason for it to stay there.

No, it doesn't. It suggests that there are one or more reasons why it has
stayed there, zero or more of which may be good reasons.

> Many service providers and software publishers 'stretch' the rules somewhat,
> so if this was a big problem without any down-sides, then IP addresses would
> have disappeared from Received: headers some years ago.

We are seeing providers right now disappearing IP address information for the
submission IP source address, so your logic here would suggest that there is in
fact a downside to including that information; otherwise it would not have
disappeared.

> If there were compatibility issues (e.g. some SMTP servers rejecting mail
> without the IP address info there), then that would still be a problem even
> if a new RFC comes out, unless SMTP is totally deprecated and a new mail
> standard replaces it.

There is no such compatibility issue, because there is no required content in
Received: header fields (the only thing that's even strongly recommended is
"via"). There is advice about what should be in them. People are able to
extract data from them anyway, because implementations tend to have default
behavior which nobody bothers to change; this behavior tends to follow the
examples in e.g. RFC 5821.

> If there are no compatibility issues with removing the IP address, then why
> aren't most providers/systems already removing it nowadays?

We've already heard that some Email SPs _are_ removing IP addresses in the most
obviously problematic case. The reason they aren't removing IP addresses in
more cases is quite likely that they are using stock software (probably
Postfix, but could also be MS Exchange or other products) that have default
behavior, and they have not been motivated to override the default behavior for
cases other than the submit source address case, which has the biggest doxing
potential.
--
Sent from Whiteout Mail - https://whiteout.io
My PGP key: https://keys.whiteout.io/mellon(_at_)fugue(_dot_)com
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp