[4206] in WWW Security List Archive
Re: Return Receipts and Security
daemon@ATHENA.MIT.EDU (Jack Gostl)
Thu Jan 30 11:53:50 1997
Date: Thu, 30 Jan 1997 09:54:30 -0500 (EST)
From: Jack Gostl <gostl@argoscomp.com>
To: "David W. Morris" <dwm@xpasc.com>
Cc: www-security@ns2.rutgers.edu
In-Reply-To: <Pine.SOL.3.95.970130004146.9164F-100000@shell1.aimnet.com>
Errors-To: owner-www-security@ns2.rutgers.edu
On Thu, 30 Jan 1997, David W. Morris wrote:
> On Tue, 28 Jan 1997 Pat_Noziska@gatekeeper.atlas.com wrote:
> >
> > Would there be ANY security-related reason (other than privacy) for a mail host
> > to NOT issue return receipt (or delivery notification) messages on incoming
> > mail messages that request it using a "Return-Receipt-To: " header?
>
> For sure the recipient should have control over whether the receipt is
> sent. That should cover the privacy issue.
>
> Beyond that, I would think a receipt would be a kind of probe response
> which would reveal information about the recipient's current activity
> with the system. Since we don't know anything more about your actual
> implementation design, it's hard to be sure, but consider:
>
That Return-Receipt field is pretty mild. It simply says that the local
sendmail got the message, not that the user is signed on. I think a
bigger problem is the X-style receipt that Pegasus can generate, which
goes out when the message is READ. Pegasus allows you to turn it off, but
if you don't, it is exactly what you described, a method for checking
when a user is logged on.
Jack Gostl gostl@argoscomp.com
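The distinction drawn in this thread, that a delivery receipt only confirms the receiving host accepted the message while a read receipt reveals when the user actually opened it, is something a mail gateway can enforce by policy. The following is an added example, not code from the original post or from Pegasus or sendmail: a small Python filter built on the standard library's `email` package that strips receipt-request headers from an inbound message before it reaches the user's mailbox, optionally keeping the milder delivery-receipt request. The Return-Receipt-To header is the one discussed above; Disposition-Notification-To is the standard message disposition notification (read receipt) request header; X-Confirm-Reading-To is assumed here to be the Pegasus-style read-receipt request and is included on that assumption. The sample message is constructed.

```python
"""Strip mail headers that request delivery or read receipts.

Added example (not part of the original list post). Uses only the
Python standard library. Header names: Return-Receipt-To (delivery
receipt, as discussed in the thread), Disposition-Notification-To
(standard MDN read-receipt request), and X-Confirm-Reading-To, which
is ASSUMED here to be the Pegasus-style read-receipt request header.
"""
from email import message_from_string, policy

# Headers that ask the receiving side to report back to the sender.
RECEIPT_REQUEST_HEADERS = (
    "Return-Receipt-To",            # delivery receipt, honoured by some MTAs
    "Disposition-Notification-To",  # read receipt (MDN request)
    "X-Confirm-Reading-To",         # assumed Pegasus-style read receipt request
)


def strip_receipt_requests(raw: str, allow_delivery_receipts: bool = False):
    """Parse a raw message, remove receipt-request headers, and return
    (cleaned_message, names_of_removed_headers).

    With allow_delivery_receipts=True the Return-Receipt-To header is
    kept (it only confirms the host accepted the message) but read
    receipt requests are still removed, since those would reveal when
    the user actually opened the message, i.e. when they were logged on.
    """
    msg = message_from_string(raw, policy=policy.default)
    removed = []
    for name in RECEIPT_REQUEST_HEADERS:
        if allow_delivery_receipts and name.lower() == "return-receipt-to":
            continue
        if name in msg:            # header lookup is case-insensitive
            removed.append(name)
            del msg[name]          # deletes every occurrence of that header
    return msg, removed


# Constructed sample message for demonstration; no real addresses.
SAMPLE = """\
From: sender@example.invalid
To: user@example.invalid
Subject: quarterly report
Return-Receipt-To: sender@example.invalid
Disposition-Notification-To: sender@example.invalid
X-Confirm-Reading-To: sender@example.invalid
Message-ID: <constructed-0001@example.invalid>

Please review the attached figures.
"""

if __name__ == "__main__":
    cleaned, removed = strip_receipt_requests(SAMPLE)
    print("removed:", removed)
    print(cleaned.as_string())
```

In a real deployment this would run as a content filter between the MTA and local delivery, with the `allow_delivery_receipts` flag set per recipient so that, as the quoted reply says, the recipient rather than the sender controls whether any receipt is generated.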