Dnia 12.02.2024 o godz. 14:47:41 Sebastian Nielsen via mailop pisze: > When you pass traffic on layer 7, you are the de facto recipient of the > traffic, and when you then “resend” that received traffic somewhere else > than its actually destined, you become responsible. That’s why a reverse > proxy operator becomes responsibility for content he “host”, even if that > is just forwarded requests to a third-party.
Don't think in terms of network layers. Think at one level above the network layers :), on the level of conceptual integrity and flow of the communication as a whole. We may call it a philosophy of communication. We have four parts to any communication: both parties that are communicating, communication channel (which may include proxies, forwarders etc. - it's not important at philosophical level) and the message itself. The communication is integral and true if both parties know who are they communicating with (ie. none of the parties is mis-represented) and the contents of the message is not altered. If you are hiding the original IP that is behind a proxy, you are mis-representing one of the parties, so you are modifying the communication. (BTW. As far as I remember from setting up Squid, it adds the "X-Forwarded-For:" header by default, you don't need to configure anything special. So it's not true that "all proxies are anonymous by default".) Similarly in reverse proxy case you are mis-representing one of the parties, because you are posing as someone else. You make the message apparently come from your domain, while in fact it comes from another source. You are pretending you host the contents, even if you actually don't host it. Which you shouldn't be doing, because you are just a part of a communication channel. And it doesn't matter if you do it on layer 7 or on lower layers. If you are just passing on the message, without modifying its contents, and without mis-representing neither sender nor recipient of the message (note that a "traditionally" forwarded email has both From: and To: headers indicating the original sender and recipient!), you are just a part of a communication channel, and, from logical point of view, you shouldn't have any responsibility. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
