On Sat, Mar 29, 2014 at 10:59 AM, John Levine <johnl@xxxxxxxxx> wrote:
>What do people today think of the SMTP RFC's current requirement thatThe headers are useful for debugging, particularly for things like
>mail programs and servers must not under any circumstances change or
>delete Received: headers? Is exposing sender IP addresses to any
>attacker who can view e-mail headers, for the purposes of preserving
>trace information, really worth it when weighed against considerations
>like security and privacy?
forwarding loops.
Debugging is not a justification for MUST.
Never, ever, ever. The justifications are
* Interoperability
* Security / stability.
The justification for MUST was I suspect to prevent infinite recursion mail loops. For that particular purpose a count is sufficient.
Particularly on public webmail systems, it lets you
see where spam is coming from, and offers the possibility of alerting
the originating operator if you think they'll care. Gmail is notable
in redacting this from some (not all) of their outgoing mail.
What sorts of attacks do you think are enabled by allowing mail
recipients to see the headers?
The requirement does not meet contemporary requirements for MUST so it is invalid. Systems out on the net are justifiably ignoring it.
Website: http://hallambaker.com/