ietf

Re: Denial of Service by Spamware?

2000-12-29 12:10:02
On Fri, 29 Dec 2000 10:28:48 -0700 (MST), Vernon Schryver
<vjs(_at_)calcite(_dot_)rhyolite(_dot_)com> wrote:

From: John Stracke <francis(_at_)ecal(_dot_)com>

I don't agree, and merely wanted to point out that other mail systems
have the same problem. There is anti-virus software for Notes, too.

But a sane mail system does not *spread* viruses.

And people I'd want to hire even indirectly through a retail store don't
do as more than one Microsoft advocate has this week (including privately)
and blame Microsoft customers for persistent and common problems.  

Inasmuch as I count myself as one person who, on this list, stated
that the problems you cite with M$ software are ramifications of poor
user and administrator education, I'll just toss my response in right
here. 

First, I'm no Microsoft advocate. I was a mail administrator for some
number of years in the course of which, I had to deal with Microsoft
messaging products. 

Those persons who are responsible for managing Microsoft Exchange
implementations should know that Out-Of-Office responses, as well as
anti-virus application auto-notifications can be given permission to
send to the Internet, just as they can be DENIED permission to send to
the Internet. In fact, with all versions of M$ Exchange up to version
5.5 (the last that I used), auto-replies were, by Default, NOT sent
outside of the mail system in question. Which means that the systems
that had been sending those messages to this list were deliberately
configured to do so. Perhaps a note to abuse@ and postmaster@ might
help clear that up in the future.

The fault is not in the software. The fault is with the users and the
administrators. You wouldn't blame Eudora because someone spams you
using it, so don't do it with Exchange. Admittedly, M$ makes their
product so easy to *barely* set up properly that they *do* contribute
to the dumbing down of the user and administrative base. 

But stop blaming the software. It isn't the fault of the software. It
may be poorly designed, it may be bloatware and vaporware, but the
things which are causing your last two uberpeeves, in which I am in
full agreement by the way, are pure implementation problems.

It's disgusting to hear people whine for years "everyone's software does it"
(despite evidence to the contrary), "it's not fair," "it's someone else's
fault," and making false and misleading claims about the number and types 
of bad messages instead of jumping to fix the problem.

I agree. Not everyone's software does it, but not everyone's software
gives people an equal level of administrative control. If you
implement Exchange, you're not looking for the complexity or
specificity that sendmail or some other product offer you. You're
basically purchasing McMail. You're looking for whatever benefit you
feel that Exchange provides. At that point, what any other products do
becomes irrelevant. 

Spamming is an administrative problem. Administrators are duty-bound
to prevent it. Administrators are duty-bound to address it. If an
Exchange system allows for the unwitting (and entirely witless)
spamming to external addresses, that product is not being adequately
managed. Having done it myself, I promise you - those holes can be
shut down administratively.

[snip...]

Is this stuff bad enough to be banned from places where it is known to
cause problems in order to encourage its perpetrators to stop at best
willfully ignorantly claiming that all software is as bad and fix the
problem?--Yes.  

So you are essentially stating that persons who work for companies
that use Microsoft Exchange Server are no longer welcome in IETF
participation unless they use a mailer and get another account of
their own? If so, just come out and say it. So, since Exchange users
will now have to pay for another mail account, why not just let them
use Exchange, but charge them a membership fee and use the cost to
subsidize a moderator? 

Your point, while making it nice and convenient for everyone, is
directly contrary to the notion that the internet is for everybody.
Inasmuch as IETF exists under the ISOC umbrella, and since there are
both valid and valued contributors to IETF who use Exchange (I was
once one, thankyouverymuch), perhaps there's a more palatable way to
do this.

Is the vacation feature of the package separate from the
main thing?--perhaps but that's irrelevant.  

I disagree. I think it is entirely relevant. It's only different
because it's a client-driven feature as opposed to a server-driven
feature.

Is it possible to configure this stuff to not be abusive?--perhaps, 
but that's also irrelevant.  

It's irrelevant in the same manner as a car can be driven so as not to
cause loss of life among pedestrians.

[snip]

Actually, I don't distinguish between Exchange and Outlook(-Express) and
was referring to the misfeatures of the latter (that for the little I know
might be shared by the former) and that are infamous for carrying enemy
soldiers into umpty-million virtual cities.  If you've forgotten that
business, just turn a TV to one of the many end-of-year surveys to hear
all about what the media claims was the biggest virus or worm problem ever
and that was entirely the fault of an idiot boy in the Philippines.
As long as problems such as that and this vacation notice bug remain the
fault of people outside the vendor, they won't be fixed.

I hold Microsoft to blame for those shortcomings, mostly because they
don't tell you what the defaults are in their software. Anyone with a
competency in administration or even the use of Outlook Clients (or
Outlook Express clients) should know to disable the 'Preview Pane'.
They should know to disable the Windows Scripting Host. Do those two
things, and these worms just stop.

Is MS at fault for building an OS where a user program can modify the
kernel at will? Yup. Are they at fault for writing programs that do
things without alerting the user first? Surely. But blame the users
that purchase it for those very features, then don't learn how to
manage them. If all M$ did was write bad software and leave it out
there for general consumption without any market demand, we'd still
have Microsoft 'Bob'.

Happy New Year to all.


Ted Gavin               
------------------------------------------------------------
Member - ISOC, IETF, ISTF, CAUCE, APICS


