[Mailman-Developers] Stripping Received headers on anonymous lists

[J C Lawrence]

On Mon, 17 Sep 2001 13:54:39 -0700 
Derek Balling <dredd@megacity.org> wrote:

> I mentioned this once before and the general response I got was
> "it uses them for loop detection, so it leaves them alone", but
> for anonymous lists (especially ones dealing with sensitive
> subjects) those received headers can easily give away the identity
> of the person sending the message, which is a Bad Thing.

> The X-Been-There flag SHOULD be catching looping, so I'm not
> worried if this "loop detection of last resort" is removed.

> This really (IMHO) should be there if we want to be able to
> consider anonymous lists anonymous. Right now, they're WORSE than
> anonymous because they give the ILLUSION of anonymity. :(

>From an anonymity perspective, to do it properly ALL headers other
than TO/FROM/CC/SUBJECT need to be removed.

Its also worth realising that the likely most common use of this
feature isn't for anonymity, but is for group presence.  Eg a
MailMan run tech support list where all official reponses come from
the same address.

-- 
J C Lawrence
---------(*)                Satan, oscillate my metallic sonatas.
claw@kanga.nu               He lived as a devil, eh?
http://www.kanga.nu/~claw/  Evil is a name of a foeman, as I live.