[Top] [All Lists]

Re: [ietf-smtp] broken signatures, was Curious

2020-07-21 16:47:48
On 21/07/2020 21:45, Hector Santos wrote:

Look at the headers of the mail in your inbox, particularly mail from
large providers, and you'll find megabytes of headers that nobody is
ever likely to look at or use.  This battle was over decades ago.

I heard this stated by you a few times. I never brought into it. It wasn't a problem to be concern about a few decades ago.  Now it is. It's junk and its growing.  The more it grows the more overhead we have. It makes systems who are suppose to be ignorant about the junk, work harder.  It makes your "View Source" more cryptic.

Hmm, my view is that the headers should be at least vaguely useful at the recipient end. That means that OK examples could be:

- an old (non validating) DKIM record
- X-Virus-Scanned: amavisd-new at
- X-BeenThere: ietf-smtp(_at_)ietf(_dot_)org
- X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5
  tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
  SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no

But useless ones could be:
- X-Data: E5-cx76azc4-nr189/4/434-00019lcm
- X-GRID-REF: 8A66B7582E9A48E5AC85DC32E810B6FA.PATT3L315_20414934_HkCfoHWEBm/iKqy8JQBwBgX1wZg0SxXH8yjogkuTlEYPlJqQWxslg0xZdvOP09bi - X-MA-Instance: SIM_TeUTj%2BiE4AhZRTmhfTY44Pwa8ILjXaS6WkWQguAtRkV9EKsTj.f8a41b40b7c841fef95f404ee3efc8c7
- X-PP-Email-transmission-Id: 407b928e-cb6d-11ea-a29f-b875c0aa69dc

(The above are real examples from some recent legitimate messages I've received)

The former ones tell me something. It may or may not be that useful. It may nor may not be true, but it tells me something. The latter ones tell me (the recipient) nothing at all. I'm honestly not sure why the latter data is in the headers at all.

It *may* be that if I ask for support from Paypal about an email, they'll ask me 'What was the "X-PP-Email-Transmission-Id'' header in that message? But I seriously doubt that would happen. If it did, then adding that header is OK, otherwise, no. In any case, the Message-ID should be sufficient for them to trace it if that's what they need to do.

The former set may be more useful if it was tagged with WHICH server added those headers, but that's it.



Paul Smith Computer Services
Tel: 01484 855800
Vat No: GB 685 6987 53

Sign up for news & updates at

ietf-smtp mailing list

<Prev in Thread] Current Thread [Next in Thread>