Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

Martijn Grooten <martijn@lapsedordinary.net> Tue, 01 December 2015 19:23 UTC

Return-Path: <martijn@lapsedordinary.net>
X-Original-To: shutup@ietfa.amsl.com
Delivered-To: shutup@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 18D5B1B2F4E; Tue, 1 Dec 2015 11:23:56 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.321
X-Spam-Level:
X-Spam-Status: No, score=0.321 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_MISMATCH_NET=0.611, HOST_MISMATCH_COM=0.311, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HOyPc_jbg6Cx; Tue, 1 Dec 2015 11:23:54 -0800 (PST)
Received: from mail.lapsedordinary.net (thinksmall.vps.bitfolk.com [85.119.83.85]) by ietfa.amsl.com (Postfix) with ESMTP id 069721B2F34; Tue, 1 Dec 2015 11:23:54 -0800 (PST)
Received: by mail.lapsedordinary.net (Postfix, from userid 1000) id 74B6E343FE; Tue, 1 Dec 2015 19:23:53 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=lapsedordinary.net; s=mail; t=1448997833; bh=QJ/ODCQC6N4yAxjVtgksmJoQ8ySw1Df0pRPClgvjZQU=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:In-Reply-To; b=Yv0M4I+gddiNv96pkqUUS1/az6FfQU1XXzWQUKKHKRGDM4HlrThQpmBRJuZd1gCU3 TgQG4WgESCng3fWF2YBxlwB8zgup3HDvoomnuc1bsgGHFrEL5gGPxfTFZ7mG+k/Csx sIZ8U/xYbuRFG6L3h8uD9X6WEKyVfZ/IUn16EouI=
Date: Tue, 1 Dec 2015 19:23:53 +0000
From: Martijn Grooten <martijn@lapsedordinary.net>
To: ietf-smtp@ietf.org
Message-ID: <20151201192353.GA23999@lapsedordinary.net>
References: <20151130042819.10658.qmail@ary.lan> <1448858775386-ceecd236-8b11ac04-a03b4438@fugue.com> <glJrvFDUtDXWFA87@highwayman.com> <1448923888960-cb7e590f-f443f8dd-7ec594e1@fugue.com> <565CD58D.9080403@dcrocker.net> <1448924778159-4b16d8e4-631c41b1-52b0fbf2@fugue.com> <605ee74e-863d-47cb-9089-fb83e13e4e38@gulbrandsen.priv.no> <565D9CFC.6070102@pscs.co.uk> <1448988713596-9f0a5014-48bb3a2c-8e1bc938@fugue.com> <565DE53F.2080904@mustelids.ca>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="DocE+STaALJfprDB"
Content-Disposition: inline
In-Reply-To: <565DE53F.2080904@mustelids.ca>
User-Agent: Mutt/1.5.20 (2009-06-14)
Archived-At: <http://mailarchive.ietf.org/arch/msg/shutup/lTuvkR2zCueAEEECoZNioYlbkCY>
Cc: shutup@ietf.org
Subject: Re: [Shutup] [ietf-smtp] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)
X-BeenThere: shutup@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SMTP Headers Unhealthy To User Privacy <shutup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/shutup>, <mailto:shutup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/shutup/>
List-Post: <mailto:shutup@ietf.org>
List-Help: <mailto:shutup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/shutup>, <mailto:shutup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Dec 2015 19:23:56 -0000

On Tue, Dec 01, 2015 at 01:21:51PM -0500, Chris Lewis wrote:
> "Standardized" or not, Received lines provide a rich detail of fodder
> for filtering, whether or not the filter manages to understand what
> the received line is trying to say about where the email allegedly
> came from or how it got there.  The IP could just as easily be a
> non-reversible encrypted blob unique to the sending user that only the
> provider understands, but the receiver can filter on.
> 
> I say "allegedly", because the actual source (personal attribution) of
> the email is generally irrelevant to filtering. Our primary goal is
> stopping the trash, a secondary goal is helping the infectee fix their
> problem, but if the provider wants to interfere with the latter, well,
> we can live with it.

I think this is a very good point. A recommendation to substitute a
"non-reversible encrypted blob" for the sender's IP address seems to me
a good balance between privacy and security.

I agree that if keeping your geolocation is a matter of life and death,
you shouldn't use email, but for me that is not a reason for the IP
address to be visible for anyone who can read the email. I think privacy
matters, even when it's not about life and death.

Martijn.