On Thu, 3 Apr 2003 21:23:59 -0700 (MST)
Vernon Schryver <vjs(_at_)calcite(_dot_)rhyolite(_dot_)com> wrote:
From: J C Lawrence <claw(_at_)kanga(_dot_)nu>
The fact that both the above can happen demonstrates protocol holes.
It's not clear whether they are "protocol holes", "protocol
limitations," "undesirable implications of desirable protocol
features," or something else.
20 years ago it was a demonstration of trust. These days, if a protocol
allows unintended and malevolent behaviour without violating the
protocol, that's minimally, at the very conservative end of the scale, a
"hole".
Vernon might also like to note that not all mail from the .nu TLD is
spam: ...
I've blacklisted .nu because of floods of spam and a lack of working
WHOIS database.
I won't bother echoing Chuq.
A few stats that may amuse you.
I run a number of double opt-in lists. In an average month I deliver
between 3 and 5 million messages from those lists to remote MXes
(FWLIW AOL+HotMail+Yahoo+MSN forms less than 3% of my list base, so
the MX count is quite high).
A minimal, and fairly trivial scanning of the .nu space (ie wandering
the sites listed on nic.nu) suggests that mine is by no means the only,
err, valid and useful domain under the TLD. A number of them even have
visibly active mail systems.
Since your messages have been duplicate copies of bulk mailing list
traffic, there's nothing inaccurate about reporting them as
"definitely bulk."
Hardly. My messages as sent are not bulk. After they pass thru the
MLM, _those_ messages are. There is a difference, as revealed by the
Return-Path and envelope.
3. because I had heard rumors that not all .nu domains are owned by
spammers, for some time I've blacklisted .nu senders with "reject"
instead of "discard" so that hypothetical false positives would get
bounces instead of silence.
I'm sure you diligently verify the accuracy and grounds of all such
rumours before acting on them.
4. the lack of working whois server for .nu should imply something in
discussion about the usefulness of authentication for stopping spam.
I'll note merely that all the data you wish for verification is
available by thru nic.nu's web interface. As to current best practice
definitions in regard to whois data and implementations: that's an
argument for a different forum, and one on which there is little
consensus.
5. Could you remind me why I need to see two copies of your words?
Whether or not you need to is your decision, and is not one I can make
or should make for you. Many desire courtesy copies (and even demand
them, to the shock and horror of Exchange admins). If you don't wish
courtesy copies then the onus is on you to draft your messages with
appropriate headers to generate that behaviour, not me.
One reason I didn't immediately take time to whitelist your mail was
to see if your mail system (Exim?) detects the 5yz result of the DATA
command and if you would see the bounces and stop sending me unasked
for duplicates.
Hardly. That's neither my business or interest. If you want to
generate bounces for any reason that's your prerogative, much as if you
want to label things as spam is also your prerogative -- the management
of your mail system is your domain and your problem, not mine. What is
my (and other's) domain and interest is watching what you do there and
how you do those things, and thus deciding how that reflects upon you
and any judgments I may make.
--
J C Lawrence
---------(*) Satan, oscillate my metallic sonatas.
claw(_at_)kanga(_dot_)nu He lived as a devil, eh?
http://www.kanga.nu/~claw/ Evil is a name of a foeman, as I live.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg