Re: SMTP RFC: "MUST NOT" change or delete Received header
David Morris <dwm@xpasc.com> Sat, 29 March 2014 14:57 UTC
Return-Path: <dwm@xpasc.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8744E1A0564 for <ietf@ietfa.amsl.com>; Sat, 29 Mar 2014 07:57:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.567
X-Spam-Level:
X-Spam-Status: No, score=-1.567 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, IP_NOT_FRIENDLY=0.334, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ew-YDGTGDCUl for <ietf@ietfa.amsl.com>; Sat, 29 Mar 2014 07:57:39 -0700 (PDT)
Received: from c2w3p-2.abacamail.com (c2w3p-2.abacamail.com [67.231.154.153]) by ietfa.amsl.com (Postfix) with ESMTP id 8BFD11A0549 for <ietf@ietf.org>; Sat, 29 Mar 2014 07:57:39 -0700 (PDT)
Received: from xpasc.com (h-68-164-244-186.snva.ca.megapath.net [68.164.244.186]) by c2w3p-2.abacamail.com (Postfix) with ESMTP id 0731E3FB85; Sat, 29 Mar 2014 14:56:50 +0000 (UTC)
Received: from egate.xpasc.com (egate.xpasc.com [10.1.2.49]) by xpasc.com (8.13.8/8.13.8) with ESMTP id s2TEvU4k017145; Sat, 29 Mar 2014 07:57:30 -0700
Date: Sat, 29 Mar 2014 07:57:30 -0700
From: David Morris <dwm@xpasc.com>
To: Eliot Lear <lear@cisco.com>
Subject: Re: SMTP RFC: "MUST NOT" change or delete Received header
In-Reply-To: <5336979B.6000102@cisco.com>
Message-ID: <alpine.LRH.2.01.1403290746330.19664@egate.xpasc.com>
References: <mailman.1570.1395964793.2468.ietf@ietf.org> <53366F34.8050501@ageispolis.net> <5336979B.6000102@cisco.com>
User-Agent: Alpine 2.01 (LRH 1266 2009-07-14)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/lVCIxds4lD8ahCEfnzRLOM7PdxY
Cc: "Kevin M. Gallagher" <kevin@ageispolis.net>, ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 29 Mar 2014 14:57:40 -0000
On Sat, 29 Mar 2014, Eliot Lear wrote: > Hi Kevin, > > On 3/29/14, 7:59 AM, Kevin M. Gallagher wrote: > > What do people today think of the SMTP RFC's current requirement that > > mail programs and servers must not under any circumstances change or > > delete Received: headers? Is exposing sender IP addresses to any > > attacker who can view e-mail headers, for the purposes of preserving > > trace information, really worth it when weighed against considerations > > like security and privacy? > > > > http://tools.ietf.org/html/rfc5321#section-4.4 > > > > There is at least some value in retaining trace headers both for > debugging and anti-spam (mostly validating what one would expect to for > a given sender see), headers added by an MSA can entail privacy concerns > that (IMHO) outweigh debugging considerations. I would say that the shape of the received headers is one of the things I look at manually to decide if a strange email is legit. That includes any internal headers. I'm really uncomfortable having the IETF endorse removal of received headers considering the finely tuned balance the many anti-spam algorithms must use to protect us, the public, from the deluge of junk mail being generated. I think any change to allow removal should mandate: a) retention of the whole header set and message for some period like 90 days to insure the possiblity of dealing with evil actors (virii for example) behind the removal b) include a 'mark' in replacement header indicating the summary nature of that header c) certify the identity of the sender I don't think mail list software should be allowed to truncate the received chain as I know that is part of at least some anti-spam systems logic which allow blocking some list mail, but not all.
- SMTP RFC: "MUST NOT" change or delete Received he… Kevin M. Gallagher
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Randy Bush
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Dave Cridland
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Eliot Lear
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Ted Lemon
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Dave Aronson
- Re: SMTP RFC: "MUST NOT" change or delete Receive… David Morris
- Re: SMTP RFC: "MUST NOT" change or delete Receive… John Levine
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Dale R. Worley
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Dave Crocker
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Scott Brim
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Hector Santos
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Hector Santos
- Re: SMTP RFC: "MUST NOT" change or delete Receive… David Morris
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Ted Lemon
- Re: SMTP RFC: "MUST NOT" change or delete Receive… John Levine
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Dick Franks
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Hector Santos
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Hector Santos
- RE: SMTP RFC: "MUST NOT" change or delete Receive… Christian Huitema
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Phillip Hallam-Baker
- Re: SMTP RFC: "MUST NOT" change or delete Receive… John Levine
- Re: SMTP RFC: "MUST NOT" change or delete Receive… John C Klensin
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Phillip Hallam-Baker
- Re: SMTP RFC: "MUST NOT" change or delete Receive… John C Klensin
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Randy Bush
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Randy Bush
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Ted Lemon
- Re: SMTP RFC: "MUST NOT" change or delete Receive… John Levine
- Re: SMTP RFC: "MUST NOT" change or delete Receive… John Levine
- Re[2]: SMTP RFC: "MUST NOT" change or delete Rece… mohammed serrhini
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Dave Crocker
- Re: SMTP RFC: "MUST NOT" change or delete Receive… John C Klensin
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Dave Cridland
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Hector Santos
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Michael Richardson
- Re: SMTP RFC: "MUST NOT" change or delete Receive… John C Klensin
- Re: SMTP RFC: "MUST NOT" change or delete Receive… John C Klensin
- Mail System Reliability [was: Re: SMTP RFC: "MUST… Hector Santos
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Phillip Hallam-Baker
- Re: SMTP RFC: "MUST NOT" change or delete Receive… Murray S. Kucherawy