Ian Walls <koha.sek...@gmail.com> > IP address is not sufficiently rigourous to identify and individual or even > a location (TOR network and all that). It's routinely mis-used as such an > identifier. I don't see any benefit to adding it to Koha's outgoing > emails, since it cannot be relied upon, and it could put people at risk of > ill-advised legal sanction. > > If there is a strong use case for it, it would need to go behind a syspref, > with the default value set to "disable". But personally I don't think it's > worth including.
I don't either. IP addresses are usually registered to a person (including legal persons like companies) and/or a place (which is inexact because one of my Norfolk IP addresses is incorrectly thought to be in Somerset, while another is somewhere in Yorkshire...), so they're roughly like phone numbers. The Koha user_id is more identifying and more likely to be owned by the person triggering the email. Having Koha send out an IP address in a cleartext email seems like a possible breach of privacy law in some situations, handing over what might be someone else's phone numbers... sorry, IP address numbers. The argument that people need to be able to tell IP addresses to terrorist lawmakers seems unrelated: that information can be logged on the server if wanted. The email recipient and intermediate handlers do not need to know the requestor's IP address under the terror laws I've seen, only where they got it from. So, no IP address, but if you think you must, syspref default disabled. Regards, -- MJ Ray (slef), member of www.software.coop, a for-more-than-profit co-op. http://koha-community.org supporter, web and library systems developer. In My Opinion Only: see http://mjr.towers.org.uk/email.html Available for hire (including development) at http://www.software.coop/ _______________________________________________ Koha mailing list http://koha-community.org Koha@lists.katipo.co.nz http://lists.katipo.co.nz/mailman/listinfo/koha
