On Apr 20, 2011, at 5:55 AM, Hector Santos wrote:
Murray S. Kucherawy wrote:
Keith Moore
That's not to say that I want MSAs to forward thoroughly broken
messages; I don't. But once a message leaves the MSA, I think the
opportunity to provide any kind of useful feedback to the submitter has
probably passed.
Where the MSA is under the control of someone that wants to exploit browser
or MUA weaknesses, or doesn't care about standards as long as his/her crap
gets to the inbox, doesn't that view of the world means there's no hope for
improvement?
Isn't this a different problem - compromised users?
When there is a compromised MSA user, there are other more serious issues to
address - like detecting by whatever means and lock the user/machine out
immediately. It could be stolen user credentials or machine compromised for
users who are still IP based authorized by their ISP network. I seriously
doubt the compromised user/machine is going to use the same user MUA to blast
spam, it could, but then the user can see that something is wrong.
This gives more weight to the idea to not tolerate standards violations.
Relaxing on standards makes it more difficult to use a delta in MUA
compliance behavior as good or bad.
Please don't propose to penalize users for switching MUAs. It's difficult
enough for people to do as it is, and that is part of why MUAs are so
dysfunctional and have evolved so little over the past 10+ years.
Keith