On Tue, 05 Aug 1997 10:20:58 PDT, Chris Newman said:
What is the purpose of restricting postings based on the envelope address?
It's obviously *not* a security issue as anyone can generate email from
any address trivially (own a copy of Netscape?). I claim the primary
purpose is to reduce spam. Permitting postings from user if user+foo is
subscribed has no impact on this primary purpose.
ARGH!!!
How many times do I have to say this?
*YOU* *DO* *NOT* *KNOW* if 'user' and 'user+foo' are in fact the same
address or not. You cannot tell if the remote system sending the mail is
or is not using your extension.
This applies to *ALL* interactions with an MLM, not just posting. Subscribing,
unsubscribing, requesting archive - which may be private and/or sensitive.
I'll let *YOU* deal with the irate phone calls because one user got a
corporate-sensitive archive he should not have been able to, just because
his site did *NOT* use your subaddressing scheme and your MLM assumed it did.
Until you explain how a MLM can *tell* that a given address is or
is not using subadressing, you MAY NOT (rfc2119 sense) give a MLM any
right to guess/assume/pull-out-of-its-rectum any decision based on the
"fact" that an address that contains a '+' is in fact using subaddressing.
Have I made this clear? YOU CANNOT REQUIRE OR EVEN SUGGEST THAT AN MLM
DO ANYTHING WITH SUBADDRESSING UNLESS IT IS EITHER A 'MUST' STANDARD OR
YOU HAVE A WAY OF TELLING ON THE FLY IF THE REMOTE SITE SUPPORTS IT.
--
Valdis Kletnieks
Computer Systems Senior Engineer
Virginia Tech
pgpMTxd2Jgpwz.pgp
Description: PGP signature