Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

Stephen Farrell <> Wed, 02 December 2015 01:57 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 3E77D1B30E4; Tue, 1 Dec 2015 17:57:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.311
X-Spam-Status: No, score=-4.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id mtv5YSzjO1eX; Tue, 1 Dec 2015 17:57:05 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 8D9381B30DF; Tue, 1 Dec 2015 17:57:05 -0800 (PST)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 9A458BE7C; Wed, 2 Dec 2015 01:57:03 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 0XFVFjE5StrJ; Wed, 2 Dec 2015 01:57:02 +0000 (GMT)
Received: from [] (unknown []) by (Postfix) with ESMTPSA id 4DE1ABE75; Wed, 2 Dec 2015 01:57:01 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;; s=mail; t=1449021422; bh=7rxzRTZ/baTyD+zS7LG0QNadPqiQ50cI1axZ7CjEiVQ=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=I0rtztu9DeNrZSjDpMfkAgmODFwIORVpbnzpsNyLSwHcW2sGPHZNHbrIuyqnWNu3Y cAn1YMPT49vsa/OSHhr4mn3L1zQZurFSfA6Lf9nid1oxgEkMlxYfCAdwLpLq+BIxS5 btXX8N/H18dbDpXjXMCn63eZx2cNaEdfPS8NKrfI=
To: Chris Lewis <>,
References: <20151130042819.10658.qmail@ary.lan> <> <> <> <> <> <> <>
From: Stephen Farrell <>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <>
Date: Wed, 2 Dec 2015 01:57:00 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <>
Subject: Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SMTP Headers Unhealthy To User Privacy <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 02 Dec 2015 01:57:11 -0000

On 02/12/15 01:43, Chris Lewis wrote:
> It's far better to train them in the reality of what they need to do to
> preserve their own privacy, than the impossibility of trying to
> privacy-protect everything (and still have something anybody wants to use).

Do you have any evidence for the above?

But in any case, I think your argument is clearly wrong because we
know that it is not possible to "train them" in security or privacy.
(That leaves open the possibility that your conclusion is correct
based on some other argument, but very much weakens confidence in
your conclusion for me.)

IMO the onus is on us as technology developers to ensure that what
we make allows those who deploy that to do a good enough job. In
this case there is room for debate about the cumulative privacy
exposure from many messages including MUA IP addresses (or of
popular implementations defaulting to do so) vs. the benefits
accruing to anti-spam techniques.

For me, claims that any of this is so obvious as to not even need to
be looked are not at all convincing. And in that I do include claims
that "all we need to do is X and it'll be privacy friendly" (for any
X) as well as claims to "move on, there's nothing to see here."