ietf-asrg
[Top] [All Lists]

1a Inventory of Problems - Re: [Asrg] Spooked mail addresses

2004-02-04 08:56:48
On Feb 4,  9:48am, Alan DeKok wrote:
}
} > The glitch is that when the email arrives in my inbox, the from address
} > is the address of the person sending it, not the publication itself.
} 
}   Such messages are forged spam.  Nothing else.  Is it really that
} difficult for your local browser to copy the web page, and send it?
} Or, to send a URL?

This wanders into the area of copyrights and subscription-only web
services.  It may not be possible for the subscriber to create a URL
that will allow a third party to access the subscription service; it
may be against the service's policy to permit articles to be copied
by the browser for redistribution, though that's harder to prevent.

So the publisher is in a predicament:  If it sends the article from
it's own "identity" the recipient may not recognize the source and will
treat it as spam.  If it sends the article from the identity of the
subscriber, the message appears to be forged.  If it uses client-side
browser scripts to cause the local browser to send the article it falls
afoul of various restrictions designed to protect the user from exploits.

Perhaps forging the sender has been the most likely of these to get the
message seen by the recipient, which is theoretically what both the
publication and the forwarding subscriber want?

Of course spam and the techniques used by spammers are the reason that
the technically correct approach (sending as the publisher) fails.

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg