ietf-smtp

Re: [ietf-smtp] [Shutup] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

2015-12-01 10:52:14
Tuesday, Dec 1, 2015 8:13 AM Paul Smith wrote:
> Once that document exists, then no one will add the trace fields, because 
> people are paranoid (often rightly so, but not, I believe, in this case). 
> They won't read the document fully. It may say 'you can remove IP address 
> information from trace headers, but should think long and hard about it 
> because doing so may come back to bite you and leaving the information in has 
> minimal risk unless you're so stupid you haven't bothered with a firewall'. 
> They'll get as far as the first comma, and stop.

I had no idea RFCs were so powerful.

> To be honest, I'm (pleasantly) surprised IP address information is still put 
> in Received headers nowadays. IMHO, the fact that it is suggests that there's 
> a very good reason for it to stay there.

No, it doesn't. It suggests that there are one or more reasons why it has 
stayed there, zero or more of which may be good reasons.

> Many service providers and software publishers 'stretch' the rules somewhat, 
> so if this was a big problem without any down-sides, then IP addresses would 
> have disappeared from Received: headers some years ago.

We are seeing providers right now disappearing IP address information for the 
submission IP source address, so your logic here would suggest that there is in 
fact a downside to including that information; otherwise it would not have 
disappeared.

> If there were compatibility issues (e.g. some SMTP servers rejecting mail 
> without the IP address info there), then that would still be a problem even 
> if a new RFC comes out, unless SMTP is totally deprecated and a new mail 
> standard replaces it. 

There is no such compatibility issue, because there is no required content in 
Received: header fields (the only thing that's even strongly recommended is 
"via"). There is advice about what should be in them. People are able to 
extract data from them anyway, because implementations tend to have default 
behavior which nobody bothers to change; this behavior tends to follow the 
examples in e.g. RFC 5821.

> If there are no compatibility issues with removing the IP address, then why 
> aren't most providers/systems already removing it nowadays?

We've already heard that some Email SPs _are_ removing IP addresses in the most 
obviously problematic case. The reason they aren't removing IP addresses in 
more cases is quite likely that they are using stock software (probably 
Postfix, but could also be MS Exchange or other products) that have default 
behavior, and they have not been motivated to override the default behavior for 
cases other than the submit source address case, which has the biggest doxing 
potential.


--
Sent from Whiteout Mail - https://whiteout.io

My PGP key: https://keys.whiteout.io/mellon(_at_)fugue(_dot_)com
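
The message above observes that Received: fields carry no required content, yet data is routinely extracted from them because implementations share default formats, and that the submission hop is the most exposed case. As an added example (not part of the original message, nor code from any mail software it names), the following Python audits a message's trace fields and reports which hops expose an address literal. The sample message is constructed, the function names are hypothetical, and treating `with ESMTPA`/`ESMTPSA` as the marker of the authenticated submission hop is an assumption about the receiving server's defaults.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample (not from the thread); documentation address ranges only.
SAMPLE = """\
Received: from mx.example.net (mx.example.net [192.0.2.25])
\tby mail.example.org with ESMTPS id abc123
\tfor <bob@example.org>; Tue, 1 Dec 2015 10:52:20 -0500
Received: from [198.51.100.77] (dsl-77.isp.example [198.51.100.77])
\tby mx.example.net with ESMTPSA id def456;
\tTue, 1 Dec 2015 10:52:14 -0500
From: alice@example.net
To: bob@example.org
Subject: test

body
"""

BRACKETED = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]", re.I)

def hop_addresses(received_value):
    """Return valid IP literals from the 'from' clause of one Received field."""
    flat = " ".join(received_value.split())          # unfold continuation lines
    from_clause = re.split(r"\sby\s", flat, maxsplit=1)[0]
    found = []
    for candidate in BRACKETED.findall(from_clause):
        try:
            found.append(str(ipaddress.ip_address(candidate)))
        except ValueError:
            continue                                  # bracketed text, not an IP
    return list(dict.fromkeys(found))                 # de-duplicate, keep order

def audit(raw_message):
    """List hops oldest first with exposed IPs and a submission-hop flag."""
    msg = message_from_string(raw_message)
    hops = []
    # Each server prepends its Received field, so reverse for oldest first.
    for value in reversed(msg.get_all("Received", [])):
        flat = " ".join(value.split())
        # Assumption: authenticated submission is logged as ESMTPA or ESMTPSA.
        submission = re.search(r"\swith\s+ESMTPS?A\b", flat, re.I) is not None
        hops.append({"ips": hop_addresses(value), "submission": submission})
    return hops

def submission_leaks(raw_message):
    """IPs exposed by hops flagged as submission: the end user's own address."""
    return [ip for hop in audit(raw_message) if hop["submission"] for ip in hop["ips"]]
```

Because nothing in a Received: field is mandatory, a field with no `from` clause or no address literal simply yields an empty list. The reverse-DNS name recorded next to the literal can identify the submitter as well.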
