[mail-vet-discuss] Draft as of 9/4/2007

John L johnl at iecc.com
Sun Oct 14 13:18:33 PDT 2007


> The point I'm trying to make is that net-nanny like pronouncements of
> MUST/SHOULD NOT are pointless if an admin thinks some part of their
> population is going to be fooled by it: they'll just ignore it and strip 
> away.

Admins do stupid things every day.  We all agree about that.

I fear you're suffering from a rather severe failure of imagination.

Anybody who picks up mail from more than one mailbox, which is a whole lot 
of people these days, is going to have to check that an AR header arrived 
via an appropriate path before believing it. Otherwise there's an obvious 
attack if one path manages AR headers and the other one doesn't.  Ditto 
people who forward an address on system A to system B, if A does AR and B 
doesn't. Once you're checking the path, it's a trivial amount of extra 
work to check another hop or two and look at ARs added farther away.

If you want to strip off potentially useful AR headers, nobody can keep 
you from doing that, but don't pretend you're doing your users a favor 
when you do.

R's,
John

PS: I get a lot of mail where the From: header is forged.  Perhaps just to 
be safe I should strip all of them, too.
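
The path check described in the message above, as an added example that is not part of the original post. It takes "AR" to mean the Authentication-Results header, and it assumes each trusted relay uses its Received "by" name as its authserv-id and records the connecting peer's IP in brackets; every host name, IP and header in it is constructed.

```python
import re
from email import message_from_string

# Assumed trust map: relay name (also its authserv-id) -> the IP it sends from.
TRUSTED = {"mx.b.example": "192.0.2.20", "mx.a.example": "192.0.2.10"}

def trusted_ar(raw, trusted=TRUSTED):
    """Return AR values added by relays on the trusted path, newest first."""
    accepted, pending = [], []
    for name, value in message_from_string(raw).items():  # newest header first
        name = name.lower()
        if name == "authentication-results":
            pending.append(" ".join(value.split()))  # attribute to next hop seen
        elif name == "received":
            by = re.search(r"\bby\s+([\w.-]+)", value)
            peer = re.search(r"\[([0-9A-Fa-f.:]+)\]", value)
            host = by.group(1).lower() if by else None
            if host not in trusted:
                break  # hop outside the trusted path: believe nothing from here down
            accepted += [ar for ar in pending
                         if ar.split(";")[0].strip().lower() == host]
            pending = []
            if not peer or peer.group(1) not in trusted.values():
                break  # mail entered the trusted path here; headers below are sender-supplied
    return accepted

# Constructed message: forwarded from system A to system B. The sender planted
# a forged "dkim=pass" AR and a forged Received line naming A at the bottom.
SAMPLE = """\
Authentication-Results: mx.b.example; spf=pass smtp.mailfrom=a.example
Received: from mx.a.example (mx.a.example [192.0.2.10])
 by mx.b.example; Sun, 14 Oct 2007 13:20:02 -0700
Authentication-Results: mx.a.example; dkim=fail header.i=@bank.example
Received: from mail.bank.example (unknown [203.0.113.66])
 by mx.a.example; Sun, 14 Oct 2007 13:20:01 -0700
Authentication-Results: mx.a.example; dkim=pass header.i=@bank.example
Received: from mx.a.example (mx.a.example [192.0.2.10])
 by mx.a.example; Sun, 14 Oct 2007 13:19:59 -0700
From: alice@bank.example
Subject: constructed sample

body
"""

if __name__ == "__main__":
    for ar in trusted_ar(SAMPLE):
        print(ar)
```

The walk stops at the first Received line whose peer is not a trusted relay, so the planted pair below it is never read, while the AR added one hop farther away by A is still kept.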

