[Top] [All Lists]

Vacation draft

2004-07-30 02:36:37

I have two comments to the section security considerations:

Sending out an automated reply with "Re: " and the subject is dangerous.
Many mailing lists verify the mail address by sending a mail with a key
in the subject.  Simply replying to such a mail confirms you want to
subscribe to it.  If people use vacation, it is easy to subscribe them
to a spam list and prove that it *is* opt-in by keeping the confirmation
and throwing away the original faked subscription request.

Mail systems should be allowed to bypass the time if the database to
remember senders becomes too large.  I suggest to allow the implementation
to expire entries if the number of different senders becomes too big.
The draft could set a minimum database size. Say 100 or 1000 different
senders must be remembered, but implementations may store more.

As I noticed, the draft ist expired.  Any plans to bring it back?


<Prev in Thread] Current Thread [Next in Thread>