Re: [Evolution] Bug 738247 - unwanted information disclosure in message headers

[d18jf98rw use startmail com]

On Monday, September 25, 2017 3:41 AM, Milan Crha <mcrha redhat com> wrote:
 
> On Fri, 2017-09-22 at 17:36 -0400, d18jf98rw use startmail com wrote:
> > Sent from evolution:
> > Received: from [external IP] ([external IP:port]
> > helo=myhost.mydomain.ext)
> >
> > Sent from thunderbird:
> > Received: from [external IP] ([external IP:port] helo=[local IP])
> Hi,
> what is better on local IP (which can be a public IP too),

local IP is better.

> than using
> a local host name, which might not be accessible (resolved) from
> the outside? Is there related any shame on the chosen computer name?
>
> I can understand the need to "stay anonymous" for spammers or the like,
> but regular good citizens might not have a problem with this, maybe?

I would like not to discuss anything other then technical details of bug topic which are clear and simple: 
"unwanted information disclosure".
Simplest example is when a corporate user sends an email using public email server like yahoo/google/aol etc, 
their fully qualified host name may show up in helo part which is not always what they may want.

> Looking around, the SMTP transport uses the name only if
> g_resolver_lookup_by_address() returns anything for the address
> returned by g_socket_connection_get_local_address().
> There is no option to skip this lookup.
I strongly disagree with this statement because thunderbird does not do host name lookup and always uses IP 
address in helo part.

According to gnome bugzilla there was a bug 702703 with exactly the same unwanted information disclosure 
complain and was fixed by you, Milan, four years ago.

Regards,
Josh.