procmail
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: very private e-mail

2003-11-04 10:56:17
from [Professional Software Engineering] [Permanent Link] 
At 12:39 2003-11-04 -0100, Klaus Johannes Rusch wrote:


See http://tmda.net/ or search for "procmail challenge response" using your
favorite search engines for implementations and opinions on this type of
filtering (in short, works well as long as the senders are not
robots/autoresponders that ignore your polite request for sending a response to your challenge)
*AND* this causes specific troubles for operators of discussion lists, as well as the participants on same. IF you're going to use a challenge-response (C-R) system, be prepared to either fail to be able to confirm s*bscriptions to new lists (when a never-before-seen email address sends you a message requesting you to confirm your s*bscription by hitting a website or replying with some specific text), or to get booted from lists when the admin finds you're responsible for autoreplies of this nature to every participant.
Be prepared to deal (or more appropriatley, NOT deal) with people who decide that it isn't THEIR job to safeguard your inbox, and once they receive a challenge when they're REPLYING to a message you posted on a list, they opt to dump your mail rather than deal with the added work.
Further, take a few moments to consider the outcome of when YOUR C-R system sends a message in response to someone elses' C-R (say, a different implementation, so implementation-specific safeguards against this will prove completely worthless).
You're much better off just whitelisting the people/lists you communicate with - you'll likely lose much less mail, and will certainly annoy fewer people.
I've seen enough people start using one of these systems and annoy the heck out of tons of other people, or of the listadmin, and I've seen people fail to be able to sign up for a list because their C-R system belts thest things out at the listprocessor, and then they go emailing some support person, via an address they find on a webpage, but the actual support response comes from a different address, meaning even if your C-R system auto-whitelists addresses you send messages to, the reply may still have to contend with the C-R process. The systems which insist on sending these responses out automatically for each incoming message, rather than sorting out which addresses have been queried already, are exceptionally annoying - by the time the responsible user even becomes aware that they're causing a big problem for others, they've already been kicked off the list, and been inserted into several individual killfiles, never to be removed.
Consider also VIRUSES. You know - the ones that forge the sender and From: addresses to be some poor sap who just happens to be in the saves email or addressbook of the infected user. Similarly, SPAM joe-jobs, where a spammer deliberatley forges their From: to be the address of some poor sod who has nothing to do with it, except perhaps the spammer knows that guy complained about the spammer previously.
C-R isn't a cure - it offloads your problem onto other people - people who are not responsible for your spam problem to begin with. 

---
 Sean B. Straw / Professional Software Engineering

 Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
 Please DO NOT carbon me on list replies.  I'll get my copy from the list.


_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: recipe help, David W. Tamkin
Next by Date:  RE: HELP: Missing action, Bill Polhemus
Previous by Thread:  Re: very private e-mail, Klaus Johannes Rusch
Next by Thread:  Re: very private e-mail, Charles Gregory
Indexes:  [Date] [Thread] [Top] [All Lists]