On 01/12/15 18:21, Chris Lewis wrote: > > On the other hand, we can see that that the lack of that information > presents difficulties to filtering technologies. When you get a > series of harassing emails from a given site originating from a given > user that's forging from lines and mutating content, you have nothing > concrete to filter on to distinguish it from other email from the same > provider.
If you assume the MSA in that case isn't rogue, then there are a variety of options that could be used in place of the actual IP address that would have better privacy properties without being particularly onerous on anyone. For example one could imagine replacing the MUA IP address value in a Received header field with something like E(k-epoch, MUA-IP-address) where k-epoch is some key that changes now and then, perhaps in a way that requires very little state in the MSA. The point (for now) is not to recommend that the above be done but just to note that there are other options that may not have been considered in the past. Or maybe they were but the reasonable trade-offs have changed. Cheers, S.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shutup mailing list [email protected] https://www.ietf.org/mailman/listinfo/shutup
