On Wed, Dec 02, 2015 at 03:35:04AM +0000, Ted Lemon wrote:
This is a stereotype, which very clearly is not grounded in any kind
of serious, statistically sound survey of real-world users.
Neither is my assertion that the ocean is wet, but everyone with
real-world experience knows it's true.
But if you really must: I suggest setting up an address, subscribing
it to at least a thousand different and topic/location-varied mailing
lists and then pushing all the incoming traffic through a procmail
filter that stashes everything for future analysis. Then wait
a few years. Or decades. My corpus has about 25 years' worth of
traffic and is about 40G, gzip'd. Message count is around 24M.
You can then, for example, write a script (or find one) that
strips off headers or signature blocks or whatever and tosses
them into a hopper for analysis.
What you will very quickly discover is that users are *deliberately*
handing out far more and far more useful information about themselves
than their mail servers are *incidentally* handing out. You're fretting
over a tiny breadcrumb when there's a full buffet sitting on the table.
---rsk
p.s. Speaking of real-world users, if I want to know somebody's
(current) IP address, one reliable technique is to get them to click
on a unique link that corresponds to a URL on a web server whose logs
I can access. Thus if I want Joe Cool to cough up his current
IP address, I can say:
"Hey, Joe, why dontcha check this out?
http://www.example.com/stuff-for-joe.html
Thanks, man."
I can ask Joe to do this via any means available -- email, IM,
IRC, text, etc. And "Joe", for a value of "Joe" approximating
"darn near everyone", will do it. (If this were not true, then
phishing, drive-by malware downloads, etc., would not be so
incredibly successful.) Various methods of encouraging Joe
to comply exist, as noted by Marcus Ranum:
"There have been numerous interesting studies that indicate that
a significant percentage of users will trade their password for
a candy bar, and the Anna Kournikova worm showed us that nearly
1/2 of humanity will click on anything purporting to contain
nude pictures of semi-famous females."
(See http://www.ranum.com/security/computer_security/editorials/dumb/)
Like I said above: this is *one* reliable technique: there are many others.
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp