Re: [Exim] "privacy" issues in list delivery

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Yann Golanski
Date:  
À: Peter Galbavy
CC: exim-users
Sujet: Re: [Exim] "privacy" issues in list delivery
On Fri, Feb 23, 2001 at 10:38:28AM -0000, Peter Galbavy wrote:
> I am relooking at the way we support mailing lists in our exim install in
> advance of moving over to putting all the configs in an SQL backend.
>
> As part of this, I am looking at the "privacy" options that we could offer.
> I have two issues:
>
> 1. Technical; is there a way of doing "headers_remove_all_execpt" ? I would
> do this to provide the facility to strip out all headers except a group of
> standard ones, which I would rewrite as I wished. headers_remove doesn't let
> me remove headers that I don't know about.


This is terrible practice. Don't do it!

> 2. Political; How can I continue to provide traceability between the final
> message (with just one Received: header etc.) and the removed headers ? Can
> the removed headers be logged somewhere ?


You cann't, so don't do it.

> I am not trying to build an mail anonymiser or spam helper, so neither
> extreme is desirable. I am mearly looking to offer the choive to our
> customers on lists they create and manage, but also want to ensure that if
> things going screwy, we can trace things back.
>
> What do other do in these situations ?


Have a look at Mailman, it is well designed and has good privacy.

In the last Security Usenix conference, someone (cann't remember who)
proposed a mailing system that was highly secure and provate. I cann't
remember the details (like urls and co), but it should be easy to find
on Usenix or through the archives as I have posted the URL here before.

If you cann't find it, mail me and I'll look throught my papers at home.

-- 
                         www.kierun.org
Yann@???                                Use Pretty Good Privacy.