[Top] [All Lists]

Re: [ietf-smtp] [Shutup] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

2015-12-01 10:52:14
Tuesday, Dec 1, 2015 8:13 AM Paul Smith wrote:
Once that document exists, then no one will add the trace fields, because 
people are paranoid (often rightly so, but not, I believe, in this case). 
They won't read the document fully. It may say 'you can remove IP address 
information from trace headers, but should think long and hard about it 
because doing so may come back to bite you and leaving the information in has 
minimal risk unless you're so stupid you haven't bothered with a firewall'. 
They'll get as far as the first comma, and stop.

I had no idea RFCs were so powerful.

To be honest, I'm (pleasantly) surprised IP address information is still put 
in Received headers nowadays. IMHO, the fact that it is suggests that there's 
a very good reason for it to stay there.

No, it doesn't.   It suggests that there are one or more reasons why it has 
stayed there, zero or more of which may be good reasons.

Many service providers and software publishers 'stretch' the rules somewhat, 
so if this was a big problem without any down-sides, then IP addresses would 
have disappeared from Received: headers some years ago.

We are seeing providers right now disappearing IP address information for the 
submission IP source address, so your logic here would suggest that there is in 
fact a downside to including that information; otherwise it would not have 

If there were compatibility issues (eg some SMTP servers rejecting mail 
without the IP address info there), then that would still be a problem even 
if a new RFC comes out, unless SMTP is totally deprecated and a new mail 
standard replaces it. 

There is no such compatibility issue, because there is no required content in 
Received: header fields (the only thing that's even strongly recommended is 
"via") .   There is advice about what should be in them.   People are able to 
extract data from them anyway, because implementations tend to have default 
behavior which nobody bothers to change; this behavior tends to follow the 
examples in e.g. RFC 5821.

If there are no compatibility issues with removing the IP address, then why 
aren't most providers/systems already removing it nowadays?

We've already heard that some Email SPs _are_ removing IP addresses in the most 
obviously problematic case.   The reason they aren't removing IP addresses in 
more cases is quite likely that they are using stock software (probably 
Postfix, but could also be MS Exchange or other products) that have default 
behavior, and they have not been motivated to override the default behavior for 
cases other than the submit source address case, which has the biggest doxing 

Sent from Whiteout Mail -

My PGP key:

Attachment: pgpds5hbh07vE.pgp
Description: PGP signature

ietf-smtp mailing list
<Prev in Thread] Current Thread [Next in Thread>