[Top] [All Lists]

[ietf-smtp] Received header corretness (was Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG)

2015-12-03 18:47:31
On Tue, Dec 1, 2015 at 9:51 AM, Ned Freed 
<ned(_dot_)freed(_at_)mrochek(_dot_)com> wrote:

Ned Freed writes:
Gmail:   Webmail does not disclose originating client IP, apparently
        invalid Received: field to avoid doing so.

Invalid, how so?

I looked at one now, and the oldest Received contained "by", "with" and
"id" received-tokens. 5322 says all received-tokens are optional, 5321
that SMTP servers MUST add a "from" received-token, but that Received
wasn't written by an SMTP server and 5321 3.7.2 explicitly allows other
software to be different. 2476 says nothing.

What am I overlooking?

In my testing I saw the following sorts of fields:


Received: by lffz202 with SMTP id z202so35306770lff.3 for
<ned(_dot_)freed(_at_)mrochek(_dot_)com>; Wed, 21 Oct 2015 22:32:47 -0700 


Received: by pasz6 with SMTP id z6so88255027pas.2 for <
Thu, 22 Oct 2015 07:30:31 -0700 (PDT)

That's added by the outgoing smtp server, but it didn't receive the message
"with" SMTP.  Unfortunately, we can't just say "with gRPC" since the with
value has to be IANA registered.  I guess we could make it an X-Received
header instead, or just add the from clause.  That said, we also use "with
HTTP" and no one has complained about those, so maybe...  OTOH, I was once
told to use "with UTF8" to know that a message was RFC 6532 instead of RFC
5322, so that wouldn't be very helpful unless we also had a 'with gRPCUTF8'

ietf-smtp mailing list
<Prev in Thread] Current Thread [Next in Thread>