Sunday, Nov 29, 2015 1:13 PM John Levine wrote: > It's not even privacy vs. ops support, it's privacy issues via some > hints of sender's location vs. privacy issues via the recipient > getting spammed, phished, and malware'd.
The only Received: header fields that you can trust are the ones that were added by servers in your administrative domain. Anything else, you have to trace back through the logs hop by hop to actually know that the mail transited those systems; otherwise, an attacker can fake up whatever Received: header fields they want in order to cast blame on whomever they want to harm. That being the case, all the Received: header field needs to contain is a token that can be used to backtrace the message to its origin using the logs: anything else is superfluous. So postcarding all kinds of private information about the end user is not only not actually useful for the reason you suggest, it is actively harmful to the end user. > You are completely correct that there's been no discussion at all of > the tradeoffs. After all, the vast majority of mail these days is > malicious, and the largest mail provider in the world already redacts > most senders' location info. The conclusion I would draw here is that we ought to advice all the other providers to do this as well. IOW, this argument supports the proposed work, rather than showing that it is unnecessary or harmful. -- Sent from Whiteout Mail - https://whiteout.io My PGP key: https://keys.whiteout.io/[email protected]
pgpoggPrE75Ra.pgp
Description: PGP signature
_______________________________________________ Shutup mailing list [email protected] https://www.ietf.org/mailman/listinfo/shutup
