On 11/30/2015 10:38 AM, Ned Freed wrote:
Can anyone share some information about which providers made which
decision?
I posted about this earlier on the perpass list in respose to the initial
discussion of the draft-josefsson-email-received-privacy draft. Here's an
updated version of that information:
Gmail: Webmail does not disclose originating client IP, apparently
using
invalid Received: field to avoid doing so.
Submit discloses originating IP.
Yahoo: Neither webmail nor submit disclose originating IP, some
Received:
fields are invalid but this looks like an unrelated issue.
Outlook: Neither webmail nor submit disclose originating IP, valid
Received:
fields.
AOL: Both webmail and submit disclose originating client IP in both
Received: fields and X-Originating-IP: (webmail) and X-AOL-IP:
(submit) fields.
GMX: Both webmail and submit disclose originating client IP.
Thanks John Levine for the AOL submit data.
Our system has a RFC MIME storage and local proprietary format. The
operator must enable a "Preserve MIME format" option on a per private
mail user basis or a per mail conference type basis. So out of the
box, the mail is converted to a safe minimum text format. But if not
converted, our system is not doing anything to hide raw headers (if
requested by MUA) and I don't know if it should (out of the box). But
as always, even if considered, it would be an local policy
configuration option.
--
HLS
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp