From: Bill Davidsen (davidsen@prodigy.com)
Date: Thu Aug 01 2002 - 11:46:41 CDT
On Thu, 1 Aug 2002, Russ Allbery wrote:
> Bill Davidsen <davidsen@prodigy.com> writes:
> > On Wed, 31 Jul 2002, Russ Allbery wrote:
>
> >> No. That section does not support your contention. For example, the
> >> %-escaped form of Newsgroups is entirely compliant with that section.
>
> > The problem is that it doesn't properly address the whole header issue,
> > the "%" in a "To:" address is parsed by many mailers, such that
> > joe%nosuch.com@real.com
> > -is treated as-
> > @real.com:joe@nosuch.com
>
> > and the message is relayed to nosuch.com via the mailer at real.com. Or
> > more likely "relaying denied" at real.com these days.
>
> We talked this over on USEFOR and don't think it will be a problem. Those
> sites implementing %-hack only do it for addresses that they consider to
> be local, which means that the only sites that would possibly do this are
> the moderation relay sites. That's a fairly small set of sites, and I
> think we can just ask them all to turn this off (if they haven't already,
> which they probably have since this used to be a huge spam relaying hole).
Exactly why it won't be turned off. It is recognized as an attempt to
relay and the mail is rejected. At least at a few of the major ISPs I
tried to access. Feel free to try it yourself, but I think "relaying
denied" rather than "no such user" is a pretty clear indication.
-- -bill davidsen (davidsen@prodigy.com) "The secret to procrastination is to put things off until the last possible moment - but no longer" -me