On Tue, Oct 28, 2003 at 05:43:52PM +0100, Arnt Gulbrandsen wrote:
IMHO a personal responder (vacation) should send the message to the
From field.
Do that, and the document die as irate mailing-list posters complain
about having received vacation messages whenever they post to a list.
As outlined in the draft vaction programs should never answer to posts
from a mailing list ;-)
So I don't see that point. Some mailservers (e.g. Lotus) even bounce to
the "From:" field if the bounce is really a double bounce.
My impression was the draft should put things right.
Yep, but at least if things are vaguely close to correct, return-path
does no damage. Sending to reply-to means spewing vacation notices to a
lot of lists, for example. Hardly best current practice.
See above ;-)
Do that, and watch the flames over what should/should not be included.
The same applies to x- fields.
Some people apparently think that mentioning the jungle of fields such as
mailing-list, x-mailing-list, x-listname, x-listmember, x-loop
in an RFC will only cause the jungle to grow worse. Mention only RFC
2369, and people will move to RFC 2369 syntax. There is a point to
that.
So add a list that lists the pro's and con's of each field. Just because
there are controversal opinions is not a reason to drop the topic at all.
That's nowhere close to BCP, and IMO far too controversial.
I kind of wish djb weren't so polarizing.
We had about 5 customers the last 2 month which were sending out weekly
newsletters and complained about the burden of handling the bounces
each week. We talked to them about the principle of VERP and now
they use news+<nnnn>@example.com and a simple script flags the <nnnn>
user in the database and he never gets the newsletter again. They
haven't even thought about that kind of concept before.
I can't see what's controversial or polarizing. I only see as a
postmaster that I have nearly zero problems with lists using VERP
and I have tons of problems with lists using sender addresses like
owner-ietf-822(_at_)mail(_dot_)imc(_dot_)org, especially large lists.
Don't mention DJB, don't call it VERP, but give the readers a hint and a
possible solution.
- As the most important and widely used responder is probably the
"vacation" type it would be nice to have a section with a strict
ruleset how a vacation program is to be written (timeout sender
addresses at least n days, dont answer if ..., send repsonse to,
...)
Achieve agreement on what the rules should be?
If there are rules there would be something a programmer of a vacation
type program could stick to. Now they all invent the wheel from scratch
and the result is all the broken vacation programs we have now.
And what are rules for a vacation program can also be applied to "my
address has changed" or "we have received your message and are working
on it "type of responders.
The draft will not change anything with regard to this without rules
and we'll see more and more broken stuff.
Inappropriate, IMO. Too much of a special case, and besides, you don't
want to ignore a whole category just like that.
You mean something that makes 90% of all "responder" traffic at times
is an "inappropriate special case"? ;-)
If someone wants to ignore a whole category or not is IMHO the decision
of this person/company. But you deny them the opportunity at all.
I personally wouldn't like to ignore the whole category, but at times
I would like to ignore exactly
Auto-Submitted: antivirus-generated; W32/Sobig-F
Lobby Sophos to add "auto-generated" and tweak your incident system to
add a call only when you receive an auto-generated message with
previously unseen body text. That way, you deal with each virus once,
which sounds about right.
We don't get the messages from our own scanners. I have hooks in that
don't send notifies at all on e.g. W32/Sobig-F, W32/Klez-H,
W32/Fizzer-A, ...
But a lot of viri scanner seem to have a template mechanism where each
admin can configure his own warning messages. With current viri faking
sender addresses you get flooded with false warnings from other
scanners. At the prime time of Sobig-F we had more than 100 false
warnings to our info(_at_)space(_dot_)net within an hour.
I have tried to use filters for W32/Sobig-F warnings and gave up after
30 different warnings within one hour.
The same could however be achieved with
Auto-Submitted: auto-generated; antivirus W32/Sobig-F
and maybe antivirus vendors will take it up in a way like that but then
we'd have 30 different semi-standarized comment fields ;-)
Anyway ... I don't want to look like a killjoy and all your comments
are perfectly valid. I only wanted to add a few thoughts and make
some of them a bit clearer.
--Arnt (sitting maybe 15m from Markus)
*smile*
(Which I admittedly wouldn't have noticed without you mentioning it :)
Enjoy your meal!
\Maex
--
SpaceNet AG | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development | D-80807 Muenchen | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
proportional to the amount of vacuity between the ears of the admin"