At 12:28 PM 2002-12-26 -0500, Charlie Summers wrote:
> Yes, and no. Most mailers are configured as you note, but I have seen some
>(in retuned or copied mail from my lists) which add X-something* headers
>containing each address delivered to the machine in clear. If fifteen people
>on a machine are receiving an email in this specific transaction, these odd
>configurations will add fifteen X-something header fields each containing one
>address.
I've seen some that randomly graft the tail end of one piece of mail to the
headers of another. This is actually a fairly simply hole to fall into -
many MTAs keep bodies and internal headers in one file and envelope
information in another file. One crash and file system, "repair" later and
you have a body going to a totally unrelated envelope.
I can't recall seeing any thing that is as intentionally as broken as you
describe on every e-mail, but I would easily believe that such a thing
exists. There are all sorts of mail server admins out the who not only do
not have a clue but seem to in incapable of being loaned or rented a
clue. Now, I thought about this for about thirty milliseconds before I
decided that anything was capable of being broken, and that people should
not allow themselves to be pushed into irrational actions to account for
every conceivable disfunction that can be perpetrated by a clueless admin.
Were this being done by as many as 1% of the mail server admins in the
world, that would be one thing. But it is not. It is being done by
someone, somewhere, and I have no reason to believe that if someone hit
this admin with a clue stick that they would not fix their problem. Nor do
I believe that it is right to break your deliveries to the masses to
account for 0.0000001% of the population.
In my opinion, the right way to fix this, supposing you are running the
proverbial AA mailing list, is when you see a bounce that evidences this
sort of header, (1) stop sending mail to the machine (2) privately send
e-mail to the subscribers on the list on that server explaining why you
have cut them, off, and suggesting that if their mailing list admin is that
clueless, he probably also sends out unstripped logs to people to help him
with diagnosis or is doing other things which are likely to compromise
their privacy, and that you no longer feel safe with sending mail to the
system. Then, about six weeks-six months later, you might send mail to the
admin with the appropriate clue.
> Again, I think there's no reason the idea of "privacy" should extend to a
>poster's email address (if I'm posting to a list, I kinda expect other
>subscribers to see my email address, although I _do_ get annoyed at places
>like Yahoo! or Mail-Archive which hijack mailing lists they do not own and
>post insecure archives on the Web), so there's no way I'd impliment something
>like what Mr. Giorgi was looking for.
I get annoyed with anyone who hijacks mailing lists to publically archive
them no matter what the pretense is, but that is a separate conversation.
However, I extended a private offer to (for a small fee) write the mods to
Mj2 to do the address shielding and (for a fee) to host the mailing
lists. If someone wants to run mailing lists, I have no problem with them
making whatever rules they think are reasonable. I can see why people
would not want to give out their personal e-mail address to a bunch of
people who they barely know. It makes it impossible to take something off
list, of course. But if someone is moderating mailing lists or running them
on their own servers, then they can make whatever rules they want to.
There are some things I would not allow on my servers: Unconfirmed mailing
lists come to mind - they are too easy to use as revenge weapons. This is
a mild sin by comparison. So long as everyone knows the rules they are
playing by, that is.
--
Dopeler effect: The tendency of stupid ideas to seem smarter when they
come at you rapidly.......
njs@scifi.squawk.com
References:
|
|
