![(please configure the [header_logo] section in trac.ini)](https://www.ietf.org/images/ietflogotrans.gif)
Opened 9 months ago
Last modified 9 months ago
#55 new defect
G.14. The FOR Clause in Received header field: Semantics, Security Considerations, and Other Issues
| Reported by: | alexey.melnikov@… | Owned by: | |
|---|---|---|---|
| Priority: | major | Component: | smtp |
| Version: | Severity: | - | |
| Keywords: | Cc: |
Description
John Klensin wrote:
The FOR clause in time-stamp ("Received:") fields is seriously under-
defined. It is optional, the syntax is clear, but its semantics and
use, while perhaps obvious from content and the application of common
sense, have never been defined ("never" going back to 821). Do we
want to better define it? Is there any chance that a definition
would invalid existing, conforming and sensible, implementations? If
we do want to define semantics, draft text and advice as to where it
should go are invited.
Note the existing discussions in Section 7.2 and Section 7.6 as they
may need adjustment, or at least cross-references, especially if FOR
is more precisely defined.
There is probably an error in Section 7.6. Its last sentence implies
a possible interaction between messages with multiple recipients and
the FOR clause of trace fields. However, because the syntax of the
FOR clause only allows one Mailbox (or Path), it isn't clear if that
statement is meaningful. Should it be revised to discuss other
situations in which including FOR might not be desirable from a
security or privacy standpoint?
Also see Ned Freed's comments:
https://mailarchive.ietf.org/arch/msg/ietf-smtp/hMkwHT-6bi_AwYIxbFJBX5pqjiA