On Jun 2, 2010, at 8:08 AM, Al Iverson wrote:
On Wed, Jun 2, 2010 at 9:48 AM, John R. Levine <johnl(_at_)iecc(_dot_)com>
wrote:
given the recent discussions, it seems to me that people want to have a
definition of what 'discard' means in the context as described above. As a
non-native English speaker (or what's the right term?) I suppose (but am not
sure) the word 'discard' can have multiple meanings (apart from 'To throw
away'). Otherwise 'silently discard' would be a pleonasm, isn't it?
Your English is fine. "Discard" means throw away.
Agree. "Discard" and "silently discard" mean the same thing, in my
opinion. Though, I am guilty of using the phrase "silently discard."
Maybe in an attempt to be slightly over-specific.
In the email filter space there is sometimes a distinction.
"Discard" is sometimes used to mean "discard and notify". That is "throw
away the content of the message, but send a message to the intended
recipient telling them you've done so." Virus filters often do this sort of
thing.
"Silently discard" clarifies that you really just mean "throw it away", and
throughout the development process that was the intended meaning of
the word "discard" in the spec.
The advantage of the notification is that it allows the recipient to be aware
of false positives. The disadvantage is that, unlike virus filtering, phishing
can be designed to work even though the main body of the message is
discarded, by designing the message such that the right part of it (such
as a URL) is passed through the notification process. The only way to
entirely avoid that is to avoid identifying the message that was discarded
in the notification, and that's just appallingly bad UX all around.
Given the appalling false positive rates, I'm not sure that "silently discard"
is *clearly* the right thing to do, but "discard and notify" has even bigger
problems.
Cheers,
Steve
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html