On 02/12/2015 10:04, Martijn Grooten wrote:
On Wed, Dec 02, 2015 at 09:37:13AM +0000, Paul Smith wrote:
I'm fascinated by the concern about geolocation.
How well does it work for other people? For me, it gives me the
country fairly reliably, and nothing else reliably at all.
A very small sample (n=2) of submission IP addresses found in email
headers gave me the city/area the sender was based in.
That's much better than I get...
A hashed IP address will not help issues with 'tracking' people
using their IP addresses (you just track people using the hashed
address instead). The only thing it will prevent is someone using
geolocation, which my tests suggest is pretty useless 99% of the
time anyway...
Yes, just using a hash wouldn't help much. The "cryptographic blob"
should be somewhat more complicated than just a hash. An RFC could make
recommendations about how to generate such a blob.
It would have to change per message to make it untrackable, but then it
wouldn't be any use for reputation logging either.
If it changes per message, it would have to be identifiable by the host
which generated it, which would mean there'd have to be someone to deal
with trace enquiries at the service provider, and some way of
identifying/deciding who can, and who can't, get identifiable data from
the 'blob'.
Otherwise, you may as well just remove it totally.
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp