[Mailman-Developers] Stripping Received headers on anonymous lists
J C Lawrence
claw@kanga.nu
Tue, 18 Sep 2001 00:41:24 -0700
On Mon, 17 Sep 2001 13:54:39 -0700
Derek Balling <dredd@megacity.org> wrote:
> I mentioned this once before and the general response I got was
> "it uses them for loop detection, so it leaves them alone", but
> for anonymous lists (especially ones dealing with sensitive
> subjects) those received headers can easily give away the identity
> of the person sending the message, which is a Bad Thing.
> The X-Been-There flag SHOULD be catching looping, so I'm not
> worried if this "loop detection of last resort" is removed.
> This really (IMHO) should be there if we want to be able to
> consider anonymous lists anonymous. Right now, they're WORSE than
> anonymous because they give the ILLUSION of anonymity. :(
>From an anonymity perspective, to do it properly ALL headers other
than TO/FROM/CC/SUBJECT need to be removed.
Its also worth realising that the likely most common use of this
feature isn't for anonymity, but is for group presence. Eg a
MailMan run tech support list where all official reponses come from
the same address.
--
J C Lawrence
---------(*) Satan, oscillate my metallic sonatas.
claw@kanga.nu He lived as a devil, eh?
http://www.kanga.nu/~claw/ Evil is a name of a foeman, as I live.