Tuesday, Dec 1, 2015 12:40 PM John Levine wrote: > Of course there is such an RFC. RFC 6409 refers to RFC 5321 which > describes the content of the Received header in section 4.4. It > includes the IP address from which the message was received.
That's the latest version of the SMTP submit spec, not a document about Received: header field privacy. > If, perhaps, you are wondering if there should be an RFC that updates > that advice to say to do something else, that's totally unresolved, > since nobody yet has made a plausible argument of what to change and > why there would be an overall benefit from doing so. The benefit is pretty obvious. If my IP address and identity information appears in a Received: header field, then I can't send mail to a public mailing list without revealing to the world geolocation information that could be used for doxxing/swatting me, or for various other nefarious activities, and I can't send email to an individual unless I am willing to reveal that information to that individual. And I can't send email through any server operated by anyone to whom I do not wish to reveal that information. These may not feel like important issues to you, but for some people they are life-or-death issues, and there really is a tradeoff to be made between the freedom of people in that situation to speak, and the freedom of the operators of mail servers to surveil them, even when that surveillance has a good motive behind it. The problem is that it's not _just_ the people who need the information who get it. > Until we look at the actual costs and benefits, it's grossly premature > to propose any changes. Right, that's why I keep asking questions. It's easy to read a series of questions as leading to a conclusion, and of course there is a conclusion that seems to be indicated here, but if I didn't care about your opinion and knowledge on this topic, I wouldn't be asking you questions. -- Sent from Whiteout Mail - https://whiteout.io My PGP key: https://keys.whiteout.io/[email protected]
pgpF7oIx49Oyd.pgp
Description: PGP signature
_______________________________________________ Shutup mailing list [email protected] https://www.ietf.org/mailman/listinfo/shutup
