[Emailcore] Ticket #15: G.7.9. Discussion of 'blind' copies and RCPT

Alexey Melnikov <alexey.melnikov@isode.com> Tue, 19 January 2021 16:11 UTC

To: emailcore@ietf.org, Arnt Gulbrandsen <arnt@gulbrandsen.priv.no>
From: Alexey Melnikov <alexey.melnikov@isode.com>
Message-ID: <e40a609b-6df6-0e35-eedd-72d2c98fb02b@isode.com>
Date: Tue, 19 Jan 2021 16:11:45 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/emailcore/hDvppQMwcYemYn2B1Yl7qX_-zfY>

Dear colleagues,

The 1st paragraph of Section 7.2 ("Blind" Copies) currently says:

   Addresses that do not appear in the message header section may appear
   in the RCPT commands to an SMTP server for a number of reasons. The
   two most common involve the use of a mailing address as a "list
   exploder" (a single address that resolves into multiple addresses)
   and the appearance of "blind copies". Especially when more than one
   RCPT command is present, and in order to avoid defeating some of the
   purpose of these mechanisms, SMTP clients and servers SHOULD NOT copy
   the full set of RCPT command arguments into the header section,
   either as part of trace header fields or as informational or private-
   extension header fields.

Suggested replacement for the last sentence quoted above (as per 
feedback from Arnt Gulbrandsen):

   When more than one
   RCPT command is present, and in order to avoid defeating some of the
   purpose of these mechanisms, SMTP clients and servers SHOULD NOT copy
   any of RCPT command arguments into the header section,
   either as part of trace header fields or as informational or private-
   extension header fields.

(This removes "especially" and replaces "the full set of" with "any" -- 
copying the first one can be as harmful as copying all of them, at least 
without verifying that the addresses do appear in the headers.)

Please provide feedback on this proposal within 2 weeks.

Best Regards,

Alexey
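
Added example, not part of the original message or of the draft text: a Python check a mail operator could run on a delivered message to see whether any RCPT argument that is absent from the visible recipient fields was copied into another header field. The function name, the sample message, the addresses and the use of `X-Envelope-To` as the sample private-extension field are all constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Fields in which recipient addresses are meant to be visible to every reader.
VISIBLE = ("to", "cc", "resent-to", "resent-cc")

def leaked_rcpts(raw_message, rcpt_args):
    """Map header field name -> envelope recipients it exposes.

    Only recipients that do NOT appear in the visible recipient fields are
    reported; copying an address that is already in To/Cc reveals nothing.
    """
    msg = message_from_string(raw_message)
    visible = set()
    for name in VISIBLE:
        for _, addr in getaddresses(msg.get_all(name, [])):
            visible.add(addr.lower())
    hidden = {r.strip("<>").lower() for r in rcpt_args} - visible
    leaks = {}
    for name, value in msg.items():
        if name.lower() in VISIBLE:
            continue
        unfolded = " ".join(value.split()).lower()  # undo header folding
        for addr in sorted(hidden):
            # Match the whole address, not a suffix of a longer local part.
            if re.search(r"(?<![\w.+-])" + re.escape(addr) + r"(?![\w.-])", unfolded):
                leaks.setdefault(name, []).append(addr)
    return leaks

# Constructed sample: bob is in To, carol was only named in a RCPT command.
SAMPLE_RCPT = ["<bob@example.org>", "<carol@example.net>"]
SAMPLE = """\
Received: from client.example by mx.example with ESMTP id abc123
\tfor <carol@example.net>; Tue, 19 Jan 2021 16:11:45 +0000
X-Envelope-To: carol@example.net, bob@example.org
From: alice@example.com
To: bob@example.org
Subject: test

body
"""

if __name__ == "__main__":
    for field, addrs in leaked_rcpts(SAMPLE, SAMPLE_RCPT).items():
        print(f"{field}: exposes {', '.join(addrs)}")
```

A `Bcc` field left in the delivered copy is reported the same way, since it is not one of the visible fields listed in `VISIBLE`.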