At 12:28 PM 2002-12-26 -0500, Charlie Summers wrote:
I've seen some that randomly graft the tail end of one piece of mail to the headers of another. This is actually a fairly simply hole to fall into - many MTAs keep bodies and internal headers in one file and envelope information in another file. One crash and file system, "repair" later and you have a body going to a totally unrelated envelope.Yes, and no. Most mailers are configured as you note, but I have seen some (in retuned or copied mail from my lists) which add X-something* headers containing each address delivered to the machine in clear. If fifteen people on a machine are receiving an email in this specific transaction, these odd configurations will add fifteen X-something header fields each containing one address.
I can't recall seeing any thing that is as intentionally as broken as you describe on every e-mail, but I would easily believe that such a thing exists. There are all sorts of mail server admins out the who not only do not have a clue but seem to in incapable of being loaned or rented a clue. Now, I thought about this for about thirty milliseconds before I decided that anything was capable of being broken, and that people should not allow themselves to be pushed into irrational actions to account for every conceivable disfunction that can be perpetrated by a clueless admin.
Were this being done by as many as 1% of the mail server admins in the world, that would be one thing. But it is not. It is being done by someone, somewhere, and I have no reason to believe that if someone hit this admin with a clue stick that they would not fix their problem. Nor do I believe that it is right to break your deliveries to the masses to account for 0.0000001% of the population.
In my opinion, the right way to fix this, supposing you are running the proverbial AA mailing list, is when you see a bounce that evidences this sort of header, (1) stop sending mail to the machine (2) privately send e-mail to the subscribers on the list on that server explaining why you have cut them, off, and suggesting that if their mailing list admin is that clueless, he probably also sends out unstripped logs to people to help him with diagnosis or is doing other things which are likely to compromise their privacy, and that you no longer feel safe with sending mail to the system. Then, about six weeks-six months later, you might send mail to the admin with the appropriate clue.
I get annoyed with anyone who hijacks mailing lists to publically archive them no matter what the pretense is, but that is a separate conversation.Again, I think there's no reason the idea of "privacy" should extend to a poster's email address (if I'm posting to a list, I kinda expect other subscribers to see my email address, although I _do_ get annoyed at places like Yahoo! or Mail-Archive which hijack mailing lists they do not own and post insecure archives on the Web), so there's no way I'd impliment something like what Mr. Giorgi was looking for.
However, I extended a private offer to (for a small fee) write the mods to Mj2 to do the address shielding and (for a fee) to host the mailing lists. If someone wants to run mailing lists, I have no problem with them making whatever rules they think are reasonable. I can see why people would not want to give out their personal e-mail address to a bunch of people who they barely know. It makes it impossible to take something off list, of course. But if someone is moderating mailing lists or running them on their own servers, then they can make whatever rules they want to.
There are some things I would not allow on my servers: Unconfirmed mailing lists come to mind - they are too easy to use as revenge weapons. This is a mild sin by comparison. So long as everyone knows the rules they are playing by, that is.
--
Dopeler effect: The tendency of stupid ideas to seem smarter when they
come at you rapidly.......
[EMAIL PROTECTED]
