On Wed, Dec 02, 2015 at 01:57:00AM +0000, Stephen Farrell wrote:
IMO the onus is on us as technology developers to ensure that what
we make allows those who deploy that to do a good enough job. In
this case there is room for debate about the cumulative privacy
exposure from many messages including MUA IP addresses (or of
popular implementations defaulting to do so) vs. the benefits
accruing to anti-spam techniques.
It's not just anti-spam techniques that benefit. Anti-phish
techniques do as well, and while *sometimes* phishes are delivered
via spam, sometimes they're not (e.g., spear-phishing, which may
consist of a single messages, thus not bulk, thus not spam).
So do attempts to trace harassment, bullying, etc. So do efforts
to detect and prevent fraud. So do attempts to detect, diagnose,
and fix delivery problems. And so on: the utility of header
information is enormous, particularly in an environment which
increasingly lacks cooperation.
ietf-smtp mailing list