IETF Logo Mail Archive

Re: SMTP RFC: "MUST NOT" change or delete Received header

Phillip Hallam-Baker <hallam@gmail.com> Tue, 01 April 2014 16:47 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7273C1A0998 for <ietf@ietfa.amsl.com>; Tue, 1 Apr 2014 09:47:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mM_O2OcVdtKX for <ietf@ietfa.amsl.com>; Tue, 1 Apr 2014 09:47:41 -0700 (PDT)
Received: from mail-lb0-x234.google.com (mail-lb0-x234.google.com [IPv6:2a00:1450:4010:c04::234]) by ietfa.amsl.com (Postfix) with ESMTP id 9C06B1A0564 for <ietf@ietf.org>; Tue, 1 Apr 2014 09:47:40 -0700 (PDT)
Received: by mail-lb0-f180.google.com with SMTP id 10so6996644lbg.25 for <ietf@ietf.org>; Tue, 01 Apr 2014 09:47:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=qzturFC/YcTldRD3f/cEDu2Hk9/hhNEAjum/0dEWgjo=; b=VMnLGVrVWvzMmWnrV+G0RaTfmY3T69QErCrDsrhaEPq/JxZtEc8VHAWiEel4Dq4PQH wTmdcnp21ZpJPQhaMaSUv9ysBIfXR4pkY029qb+hKsGmvQVTYVp6pTqy7x3rsRzwfbwV 6KiHzWU3mCnECipoDss5G0AMpMR4BBOh8wB2+8zEI6pfxEKrN6pl1FvKmnjlsycNdMLU +QZNcsYkm8YaAYaUsAyrM38l65EdSvKmZiSq1EgYV3a8z1YNVaiBzhpB/HAmzyFXZ5WW rzIgaMJYrzF06qh/VCS0rJy84jsvwUfQHQwp83t+LSl7amRGM38Ww5BxOC0CLmPXiSy8 tjSg==
MIME-Version: 1.0
X-Received: by 10.112.147.36 with SMTP id th4mr2310902lbb.32.1396370856478; Tue, 01 Apr 2014 09:47:36 -0700 (PDT)
Received: by 10.112.234.229 with HTTP; Tue, 1 Apr 2014 09:47:36 -0700 (PDT)
In-Reply-To: <m28urr9rcp.wl%randy@psg.com>
References: <20140330151432.2721.qmail@joyce.lan> <A3DE810811F791EDC532BDFB@JcK-HP8200.jck.com> <m28urr9rcp.wl%randy@psg.com>
Date: Tue, 01 Apr 2014 12:47:36 -0400
Message-ID: <CAMm+LwiE_U2jY8xkdUCNxACaTVM6h8i-Xh1PnK_PC-QvRLkyCw@mail.gmail.com>
Subject: Re: SMTP RFC: "MUST NOT" change or delete Received header
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Randy Bush <randy@psg.com>
Content-Type: multipart/alternative; boundary="047d7b3a8666e00c8d04f5fdec6d"
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/4KaC5k-ngDfxuTaUIgmjX-0KWpc
Cc: John C Klensin <john-ietf@jck.com>, IETF Discussion Mailing List <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Apr 2014 16:47:43 -0000

If you need to do manual debugging daily then you are not engaged in
debugging, you have a protocol that depends on manual intervention.

That is an architectural defect.

I understand your pain, what I don't understand is why you tolerate it or
my business model for mitigating your problem. I have no qualms about
telling people that their 'requirement' to run infrastructure obsolete
twenty years is not a requirement I recognize.

The bar for justifying MUST requirements should be very high. They
certainly should not become a mechanism for people to defer the cost of
upgrading their infrastructure onto the rest of us.


"Running a relay" is not a properly stated requirement. What is this relay
for? If it is for gating X.400 or DECNET mail then my response would be
more or less 'not only do I reject your requirement, I would if it were
legal and expeditious to do so personally go to the system in question and
reprogram it with a very large axe'. The privacy concerns for running
different types of gateway/relay/mailing list are all very different.
Simply stating they are essential does not persuade me.

Every time a message passes through a relay it is because either the sender
has configured their mail to do that or the receiver has configured their
mail to do use it. So the privacy concerns are very different for those
hops to the concerns that arise when the sender hands a message over to the
receiver.

The reason the privacy concerns come up is that the relay has no idea what
role it is forwarding the message under, whether it is acting for the
sender or the receiver.




On Sun, Mar 30, 2014 at 7:52 PM, Randy Bush <randy@psg.com> wrote:

> the day was weird enough already without my having to agree with an
> entire, typically long, jck posting :)
>
> the truth is, i have not used received: headers to authenticate/debug
> [0] since yesterday.  but it's not yet 09:00, so there is still time
> today.
>
> randy
>
> ---
>
> [0] - from an ops pov, loop detection, lists subscribing to eachother,
>       and all that stuff is debugging.
>
>


-- 
Website: http://hallambaker.com/

v2.23.0 | Report a Bug | By Email