A quick comment about the general idea of these reserved mailbox
names. They were a good idea when we started using them (and,
of course, "Postmaster" goes back to before our current model of
email). However, in today's environment, one of the nicest
gifts we can give to the spammers and other spreaders of chaos
and DoS attacks on email servers is to hand them a list of
local-parts of addresses that every mail server that supports
delivery to local mailboxes is required or strongly encouraged
to support. Postmaster accounts now get enough unwanted mail
that has nothing to do with the Postmaster function that a large
fraction of those who try to read and understand that traffic on
a daily or better schedule probably have too much time on their
So, please analyze, what happens if a "privacy" address (along
with "Postmaster", "abuse", etc., addresses) is put up and
immediately overwhelmed by spam. Is it worthwhile anyway? Do
you have a good model for mitigating the abusive traffic to an
address that ought to be open to traffic from "strange" sources
to make sure that complaints are either received or the sender
understands that they were not. And then, if you sti8ll think
going ahead with this is a good idea, please include that
analysis in your I-D.
Just my opinion and speaking for no one else.
--On Wednesday, June 13, 2018 16:33 -0400 Yakov Shafranovich
I originally posted this to the DISPATCH list but Murray
Kucherawy recommended that these two lists may be a more
appropriate forum to solicit feedback. Thank you in advance.
Multiple Internet standards describe common mailbox names
(mailbox @ domain) to be used by organizations for
operational and business functions. This document defines
a new mailbox called "privacy" that SHOULD be used for
contacting domain name owners about privacy issues.
ietf-smtp mailing list