Re: [Exim] "privacy" issues in list delivery

Top Page
Delete this message
Reply to this message
Author: Peter Galbavy
Date:  
To: Yann Golanski
CC: exim-users
Subject: Re: [Exim] "privacy" issues in list delivery
> > 1. Technical; is there a way of doing "headers_remove_all_execpt" ? I
would
> > do this to provide the facility to strip out all headers except a group

of
> > standard ones, which I would rewrite as I wished. headers_remove doesn't

let
> > me remove headers that I don't know about.
>
> This is terrible practice. Don't do it!


Your terrible practice is someone elses requirement. Please do not try to
make rules up for other people to follow without working through a consensus
or authoritarian scheme, such as for example publishing and RFC or passing a
law.

My query above was with regards to mechanism, not desirability. Thanks all
the same.

> > 2. Political; How can I continue to provide traceability between the

final
> > message (with just one Received: header etc.) and the removed headers ?

Can
> > the removed headers be logged somewhere ?
>
> You cann't, so don't do it.


Please see above.

> Have a look at Mailman, it is well designed and has good privacy.


Yes, I am using the mailman feature list (amongst others) to model some of
the options on. For various reasons of integration etc. we will not be able
to use mailman until it reaches at least version 3 tells me one of the
mailman hackers. Version 3 will apparently be a complete rewrite and
introduce modular features that would make it possible for us to use it in
our environment.

> In the last Security Usenix conference, someone (cann't remember who)
> proposed a mailing system that was highly secure and provate. I cann't
> remember the details (like urls and co), but it should be easy to find
> on Usenix or through the archives as I have posted the URL here before.
>
> If you cann't find it, mail me and I'll look throught my papers at home.


That reference would be useful, thank you.

Peter