SMTP RFC: "MUST NOT" change or delete Received header

"Kevin M. Gallagher" <kevin@ageispolis.net> Sat, 29 March 2014 06:59 UTC

Message-ID: <53366F34.8050501@ageispolis.net>
Date: Sat, 29 Mar 2014 02:59:00 -0400
From: "Kevin M. Gallagher" <kevin@ageispolis.net>
MIME-Version: 1.0
To: ietf@ietf.org
Subject: SMTP RFC: "MUST NOT" change or delete Received header
References: <mailman.1570.1395964793.2468.ietf@ietf.org>
In-Reply-To: <mailman.1570.1395964793.2468.ietf@ietf.org>
OpenPGP: id=5921D69C; url=https://ageispolis.net/kmggpg.asc
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/tU_ZbnQ0S3Qmqlsr2fXZ-XksFyQ
Precedence: list

What do people today think of the SMTP RFC's current requirement that
mail programs and servers must not under any circumstances change or
delete Received: headers? Is exposing sender IP addresses to any
attacker who can view e-mail headers, for the purposes of preserving
trace information, really worth it when weighed against considerations
like security and privacy?

http://tools.ietf.org/html/rfc5321#section-4.4

Kevin
@ageis
0x5921D69C

SMTP RFC: "MUST NOT" change or delete Received he… Kevin M. Gallagher
Re: SMTP RFC: "MUST NOT" change or delete Receive… Randy Bush
Re: SMTP RFC: "MUST NOT" change or delete Receive… Dave Cridland
Re: SMTP RFC: "MUST NOT" change or delete Receive… Eliot Lear
Re: SMTP RFC: "MUST NOT" change or delete Receive… Ted Lemon
Re: SMTP RFC: "MUST NOT" change or delete Receive… Dave Aronson
Re: SMTP RFC: "MUST NOT" change or delete Receive… David Morris
Re: SMTP RFC: "MUST NOT" change or delete Receive… John Levine
Re: SMTP RFC: "MUST NOT" change or delete Receive… Dale R. Worley
Re: SMTP RFC: "MUST NOT" change or delete Receive… Dave Crocker
Re: SMTP RFC: "MUST NOT" change or delete Receive… Scott Brim
Re: SMTP RFC: "MUST NOT" change or delete Receive… Hector Santos
Re: SMTP RFC: "MUST NOT" change or delete Receive… Hector Santos
Re: SMTP RFC: "MUST NOT" change or delete Receive… David Morris
Re: SMTP RFC: "MUST NOT" change or delete Receive… Ted Lemon
Re: SMTP RFC: "MUST NOT" change or delete Receive… John Levine
Re: SMTP RFC: "MUST NOT" change or delete Receive… Dick Franks
Re: SMTP RFC: "MUST NOT" change or delete Receive… Hector Santos
Re: SMTP RFC: "MUST NOT" change or delete Receive… Hector Santos
RE: SMTP RFC: "MUST NOT" change or delete Receive… Christian Huitema
Re: SMTP RFC: "MUST NOT" change or delete Receive… Phillip Hallam-Baker
Re: SMTP RFC: "MUST NOT" change or delete Receive… John Levine
Re: SMTP RFC: "MUST NOT" change or delete Receive… John C Klensin
Re: SMTP RFC: "MUST NOT" change or delete Receive… Phillip Hallam-Baker
Re: SMTP RFC: "MUST NOT" change or delete Receive… John C Klensin
Re: SMTP RFC: "MUST NOT" change or delete Receive… Randy Bush
Re: SMTP RFC: "MUST NOT" change or delete Receive… Randy Bush
Re: SMTP RFC: "MUST NOT" change or delete Receive… Ted Lemon
Re: SMTP RFC: "MUST NOT" change or delete Receive… John Levine
Re: SMTP RFC: "MUST NOT" change or delete Receive… John Levine
Re[2]: SMTP RFC: "MUST NOT" change or delete Rece… mohammed serrhini
Re: SMTP RFC: "MUST NOT" change or delete Receive… Dave Crocker
Re: SMTP RFC: "MUST NOT" change or delete Receive… John C Klensin
Re: SMTP RFC: "MUST NOT" change or delete Receive… Dave Cridland
Re: SMTP RFC: "MUST NOT" change or delete Receive… Hector Santos
Re: SMTP RFC: "MUST NOT" change or delete Receive… Michael Richardson
Re: SMTP RFC: "MUST NOT" change or delete Receive… John C Klensin
Re: SMTP RFC: "MUST NOT" change or delete Receive… John C Klensin
Mail System Reliability [was: Re: SMTP RFC: "MUST… Hector Santos
Re: SMTP RFC: "MUST NOT" change or delete Receive… Phillip Hallam-Baker
Re: SMTP RFC: "MUST NOT" change or delete Receive… Murray S. Kucherawy