Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

"Robert A. Rosenberg" <> Tue, 01 December 2015 19:43 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id E30121B2F67; Tue, 1 Dec 2015 11:43:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.211
X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id aBuXC4a5TJWc; Tue, 1 Dec 2015 11:43:14 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 713741ACD05; Tue, 1 Dec 2015 11:43:14 -0800 (PST)
Received: from [] ( []) by (Postfix) with ESMTPA id 2C7A016DAA; Tue, 1 Dec 2015 14:43:11 -0500 (EST)
Mime-Version: 1.0
Message-Id: <p06240403d283a4791d5a@[]>
In-Reply-To: <>
References: <20151201174025.18409.qmail@ary.lan> <>
X-Mailer: Eudora for Mac OS X 6.2.4 (MacOS 10.5.8)
Date: Tue, 1 Dec 2015 13:36:04 -0600
To: Ted Lemon <>
From: "Robert A. Rosenberg" <>
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
Archived-At: <>
X-Mailman-Approved-At: Thu, 03 Dec 2015 08:14:59 -0800
Subject: Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SMTP Headers Unhealthy To User Privacy <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 01 Dec 2015 19:43:16 -0000

At 17:58 +0000 on 12/01/2015, Ted Lemon wrote about Re: [ietf-smtp] 
[Shutup] Proposed Charter for the "SMTP Hea:

>The benefit is pretty obvious.   If my IP address and identity 
>information appears in a Received: header field, then I can't send 
>mail to a public mailing list without revealing to the world 
>geolocation information that could be used for doxxing/swatting me, 
>or for various other nefarious activities, and I can't send email to 
>an individual unless I am willing to reveal that information to that 
>individual.   And I can't send email through any server operated by 
>anyone to whom I do not wish to reveal that information.

I remember that years ago (but no longer) there was a remailer server 
somewhere in Europe that handled most of this situation. You sent it 
your message (with routing info in the message body) and it stripped 
off the identification info and headers and sent it to the desired 
destination using a new identity. All replies (and other messages to 
that identity) went back to the server which then repackaged the 
message and sent it back to you.

Of course you had to trust the remailer's operator and accept the 
fact that you were talking to it might be an exposure.