[Top] [All Lists]

Re: [ietf-smtp] [Shutup] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

2015-12-11 09:41:44
On Fri, Dec 11, 2015 at 06:32:26AM -0800, Ned Freed wrote:
I don't think anyone has said that IP addresses in general can't be
useful in Received headers. Nor has anyone suggested to remove the
addresses of public facing mail servers from the headers.

Actually, draft-josefsson-email-received-privacy-01 suggests just that. It

   There may be other situations where adding Received headers would
   leak unintended information to an observing party.  For example, an
   organization may use different SMTP relays depending on the category
   of a customer.  By knowing the mapping between SMTP relay and
   customer category, an observing party would learn the customer
   category for the organization.

It then goes on to say that IP address information MUST NOT be added
by "SMTP entities concerned with the privacy of their clients".

I read this as talking about internal routes an email takes, otherwise I
wouldn't see who "their clients" refers to. 

(But my comment was wrong because I had misread Paul's email.)


Attachment: signature.asc
Description: Digital signature

ietf-smtp mailing list
<Prev in Thread] Current Thread [Next in Thread>