Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

Martijn Grooten <> Mon, 30 November 2015 19:28 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id B91BC1B2B92; Mon, 30 Nov 2015 11:28:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.079
X-Spam-Status: No, score=-1.079 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_MISMATCH_NET=0.611, HOST_MISMATCH_COM=0.311, SPF_PASS=-0.001] autolearn=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id UDrQyitQOGpe; Mon, 30 Nov 2015 11:28:42 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 7C5041B2B90; Mon, 30 Nov 2015 11:28:42 -0800 (PST)
Received: by (Postfix, from userid 1000) id A84F5343FE; Mon, 30 Nov 2015 19:28:41 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;; s=mail; t=1448911721; bh=e6429LKfYfRcNEUfB7t0chYwPVhEyrYySAa988+4NS0=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:In-Reply-To; b=YZ+Hr4/TN21kwhz8zv2AWNGL+j35zgkysNUkBweMnmam2lMiAJEGIgD24+Q79NQao JuxiM6kwCCY8o7RrwQM7e7smT4b8AMvCOxwnsmX18kyYFTHjt+mGj9dEywdFk0/w5Y 2Dhfx4dEz3kK/1I+S5bg87CLGmBtFsCyQoBLy0g4=
Date: Mon, 30 Nov 2015 19:28:41 +0000
From: Martijn Grooten <>
Message-ID: <>
References: <> <20151129181346.9221.qmail@ary.lan>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20151129181346.9221.qmail@ary.lan>
User-Agent: Mutt/1.5.20 (2009-06-14)
Archived-At: <>
Subject: Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SMTP Headers Unhealthy To User Privacy <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 30 Nov 2015 19:28:43 -0000

On Sun, Nov 29, 2015 at 06:13:46PM -0000, John Levine wrote:
> It's not even privacy vs. ops support, it's privacy issues via some
> hints of sender's location vs. privacy issues via the recipient
> getting spammed, phished, and malware'd.

We're actually pretty good at fighting various kinds of malicious email
and while I know headers like Received do play a role there, I'm not yet
convinced that their role is so fundamental that removing them, or
removing essential parts of them, would see these (proactive and
reactive) defenses collapse.

And I do actually think there is a privacy issue here and that we
shouldn't dismiss that right away.

However, I agree with others that the proposed charter seems a little
premature and that, to quote Dave Crocker, we ought to have "public
discussion about the technical aspects of this policy tradeoff" first.