From: Bill Davidsen (davidsen@prodigy.com)
Date: Tue Sep 09 1997 - 14:48:34 CDT
Brad Templeton <brad@clari.net> wrote:
> Well if the from is legit and the reply-to invalid, that doesn't protect
> you from spam harvesters. Post not from an invalid address but a
> *special* address, one that is more filtered than your "real" address
> which is used when you mail out or by people who know you.
What I do, or you do, is of precious little concern to the standard. We
have multiple machines and domains, can create junk addresses, can write
mail filters, etc, etc. The typical user is either a subscriber to an
ISP (with Windows), a business user (Win/UNIX mix, little technical
expertise), or an academic user (wide range of skill and inclination).
You can have a batching program, and a secretary to check. I can have
350 lines of procmail rules to break mail into known good, probable
good, probable crap, and trash without reading. Many of the people who
are my clients, or most folks on this group, lack either the resources
or the will to fight the good fight. They just want to mung their
address and get on with life, because they can understand the
technology.
And given a choice between losing their business or not including a
replyable address in the header, I am not going to take a moral stand,
because I've done that twice already, and there are other people who
will do what the customer wants for money if I don't.
There is a need for a header line which can be traced to an individual
in case of misbehaviour, and a non-replyable address in readable form.
You are getting the same effect with your (b) solution, using more
resources, encouraging legitimate replies which will consume resources
in two directions when it bounces, and I see no advantage over having a
recognized invalid address (like "noreply") which will be recognized by
the mail software using minimum resources.
> The more filtered address can:
> a) Have a secretary on it like my viking-12
> b) Change with every post, if you have a mailer that can handle
> that, so you can expire them over time
> c) Simply batches up replies so you see them once a day
> (spam isn't nearly so bad a problem if you see it only once a
> day it turns out)
>
> d) Have agressive spam-filtering rules that you would not want to
> put on your real address.
>
> If, like me, you've already posted under your real email 10,000 times,
> you are sunk, address faking is only good for new posters by and large,
> but the above are better.
I've posted this address, and my "most real" (tmr.com) address, I do
have some which never go in a post. I'm afraid the rules on this address
would rate as your (d) and then some, although I rarely lose anything I
miss. The total trash barrel is from known spammers only.
I'd like to hear from others, I see this as a legitimate defensive
action, giving NO valid address and clearly making that obvious, while
preserving accountability.
-- bill davidsen (davidsen@prodigy.com) "Whatever it was that wasn't wrong and couldn't be reproduced and works like it always has...has apparently been fixed." -Mr.Foot@bigfoot.com