Re: [ietf-smtp] broken signatures, was Curious

John C Klensin <> Tue, 21 July 2020 20:48 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 9E8853A0A68 for <>; Tue, 21 Jul 2020 13:48:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id NwCiA8pf24xk for <>; Tue, 21 Jul 2020 13:48:32 -0700 (PDT)
Received: from ( []) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 582ED3A0A66 for <>; Tue, 21 Jul 2020 13:48:32 -0700 (PDT)
Received: from ([] by with esmtp (Exim 4.82 (FreeBSD)) (envelope-from <>) id 1jxzBf-00009G-0r; Tue, 21 Jul 2020 16:48:31 -0400
Date: Tue, 21 Jul 2020 16:48:25 -0400
From: John C Klensin <>
To: John Levine <>
Message-ID: <>
In-Reply-To: <20200721201938.D4F7D1D5CAD3@ary.qy>
References: <20200721201938.D4F7D1D5CAD3@ary.qy>
X-Mailer: Mulberry/4.0.8 (Win32)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Archived-At: <>
Subject: Re: [ietf-smtp] broken signatures, was Curious
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of issues related to Simple Mail Transfer Protocol \(SMTP\) \[RFC 821, RFC 2821, RFC 5321\]" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 21 Jul 2020 20:48:34 -0000


While I mostly agree, we should not lose sight of the fact that
there still people using the Internet in less-developed
countries, isolated locations, over intermittent connections,
etc., where bandwidth tends to be scarce and expensive
Whatever they are using it for, it probably isn't dominated by
high resolution video and, assuming we care about them, saying
"well, it doesn't make a lot of difference to those who have
essentially unlimited bandwidth and who are streaming lots of
video, so no one and nothing else else counts" seems a
unfortunate to me.

In addition, if a possibly-legitimate, possibly-phishing,
message comes along, I'd really like to see us (and our MUAs)
encourage users to look at headers, understand what can be
trusted and what can't, and so on.  Perhaps the educational
effort that would require is hopeless under the best of
circumstances, but it is certainly impossible if we facilitate
and encourage an ever-rising collection of noise header fields.


--On Tuesday, 21 July, 2020 16:19 -0400 John Levine
<> wrote:

> In article
> <20200721073749.Horde.BvL2fIPJNN50jFlj5GWcj_e@webmail.aegee.or
> g> you write:
>> As useless mail headers do make emails heavier, I am in
>> favour of   removing DKIM-Signature headers, that are known
>> to be broken, e.g.   because the current host has modified
>> (and resubmitted) the message.   
> The amount of bandwidth used by e-mail is a rounding error of
> the Internet's total, which is mostly video these dayts, and
> the amount used by broken headers is a rounding error on that
> rounding error.
> Look at the headers of the mail in your inbox, particularly
> mail from large providers, and you'll find megabytes of
> headers that nobody is ever likely to look at or use.  This
> battle was over decades ago.
> R's,
> John
> _______________________________________________
> ietf-smtp mailing list