Hello:
The questions@lists.ntp.org mail list server receives some of
the most detailed, highly technical, arcane, time-consuming-to-answer,
and security-related questions from people whose return address is gmail.com
and other, essentially anonymizing, email addresses. For example, early
this past summer, the list received mail from a young man who claimed to
be in London and working on a project somehow associated with Princeton
University, which is located in the State of New Jersey in the United
States, and needing incredibly accurate time for some reason. The
domain name of his return address was gamil.com. Doesn't that
strike you as being somewhat improbable? Is this the
same man who recently narrated the beheading of two American
Journalists in the Middle East? How do you know it is not?
ISIS members have become incredibly adroit in using social
Media Websites for their purposes, even thoughtfully giving the
parents of their beheading victims several days advance notice
of their son's demise. Some day, is it going to be important to
ISIS to have accurate time to coordinate a massive strike on
the electric, railroad, or bridge infrastructure in some
Western country? Are list members going to facilitate that?
Another example was the person, allegedly from South Africa, who was asking
detailed, technical, and arcane questions about NTP whose return email
address was neither in the whois database nor pingable.
I propose that in the short term NTP questions list members not
respond to
inquires from people whose return address is a bulk email provider, and in
the long
run the NTP list server be made to reject email from bulk providers, such as
Google,
Yahoo, and Microsoft, and from domains that are not in the whois database or
that
do not respond to pings.
Charles Elliott
316 E Cambria St
Philadelphia, PA 19134-3324
(215) 425-5222
_______________________________________________
questions mailing list
questions@lists.ntp.org
http://lists.ntp.org/listinfo/questions
