From: Brad Templeton (brad@templetons.com)
Date: Wed Mar 01 2000 - 02:56:32 CST
On Wed, Mar 01, 2000 at 09:43:03AM +0100, Erland Sommarskog wrote:
> John Stanley <stanley@peak.org> writes:
> > Because they cannot do it. Pretend you are the injecting agent at Deja.
> > I've posted an article with the From: address "stanley@peak.org". Am I
> > authorized to use that address? I next post with the address
> > "stanley@argus.oce.orst.edu". Am I authorized to use that address?
>
> Hm, I've never posted through Deja myself, but I am under the impression
> that Deja do require that you post through a usable address. I suppose
> that is carried by means of registration. If you have registered
> stanley@argus.oce.orst.edu, then you are not authorized to use that
> address as far as Deja is concerned.
I don't think anybody dreams, until we have digital certificates of course,
of being able to verify individual e-mail addresses off of one's own
server. That is not necessary in order to gain valuable anti-spam
techniques.

It is possible for anybody to determine if a *domain* exists or not,
and tell the difference between a fake domain and a real one. Whether
a particular user is authorized to use an address at a given real
domain is the sole province of that domain, and that's fine. It means
there is a responsible party, or one who has the power to sue or file
charges under the various laws that already exist to forbid people using
domains against the will of their owners.

Under my draft, there become three states:

a) A real domain: Either an authorized user, or somebody who
   has just set themselves up for a lawsuit by the domain owner.
   This creates checks and balances.

b) A fake domain not ending in invalid: Somebody violating the
   spec, or a spammer. Reject/cancel/nocem the article.

c) A domain ending in .invalid: A policy decision left to
   the site or the individual user, easily dealt with using most
   killfile and other news filtering mechanisms. Users attempting
   to reply can be warned before they draft their reply.

But all this, or in particular (b) only if the spec says you MUST
do this. Otherwise people using fake domains are not violating the
standard, just choosing an option.
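
The three-state check described in the message above, as an added Python example (it is not part of the original message or of the draft it discusses). The state names, the extra `malformed` outcome, the injectable `exists` callback and the stub zone list are assumptions made for illustration; the default lookup approximates "the domain exists" with address resolution.

```python
import socket
from email.utils import parseaddr

# States (a), (b), (c) from the message; MALFORMED is an extra outcome added here.
REAL, FAKE, DOT_INVALID, MALFORMED = "real", "fake", "dot-invalid", "malformed"
ACTION = {
    REAL: "accept; misuse is a matter for the domain owner",
    FAKE: "reject/cancel/NoCeM",
    DOT_INVALID: "apply site or user policy; warn before reply",
    MALFORMED: "reject: no usable address",
}

def dns_exists(domain):
    """Assumption: 'domain exists' is approximated by address resolution.
    A news server would more likely ask for MX records via a DNS library."""
    try:
        socket.getaddrinfo(domain, None)
        return True
    except (OSError, UnicodeError):
        return False

def from_domain(header_value):
    """Lower-cased domain of a From: header value, or None if there is none."""
    _, addr = parseaddr(header_value)
    local, sep, domain = addr.rpartition("@")
    domain = domain.rstrip(".").lower()
    return domain if sep and local and domain else None

def classify_from(header_value, exists=dns_exists):
    """Map a From: header to one of the states; `exists` is injectable for tests."""
    domain = from_domain(header_value)
    if domain is None:
        return MALFORMED
    if domain.split(".")[-1] == "invalid":   # checked first: never resolves in DNS
        return DOT_INVALID
    return REAL if exists(domain) else FAKE

if __name__ == "__main__":
    # Constructed stub zone list so the demo runs offline.
    known = {"peak.org", "argus.oce.orst.edu"}
    for hdr in ["stanley@peak.org (John Stanley)",
                "John Stanley <stanley@ARGUS.oce.orst.edu>",
                "buy-now@no-such-domain.example",
                "stanley@nospam.invalid",
                "no address here"]:
        state = classify_from(hdr, exists=lambda d: d in known)
        print(f"{hdr!r:45} {state:12} {ACTION[state]}")
```

As the message says, a `real` result only shows that the domain exists; whether the poster may use that address remains the domain owner's call.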