-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On Wed, 2018-08-01 at 11:19 -0400, Rich Kulawiec wrote:
> 1. They needed to stop doing so a few decades ago.  Anybody still
> doing it today is doing it on purpose, which of course leads directly
> to the question: why?

One reason as to "why" is that there is no good way to specify an
alternate abuse@ address, where said alternate abuse address is on a
completely different (sub)?domain, ala ruf/rua=.  So then it becomes an
issue of not filtering the base domain, which would be a massive
headache for those who follow the 2 age-old smtp golden rules: 

 -- "never accept email you can't deliver"

 -- "reject at connect, never bounce"


49% of folks would've said whois could have been a great place for an
Abuse contact... and another 49% would say security.txt is the place. 
The end result is there is zero standard nor recommended way, imho.

- -Jim P.
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEPxwe8uYBnqxkbORSJxVetMRaJwUFAlth2BMACgkQJxVetMRa
JwVVvxAAjF5Nzd2NvilFWSJWc8Mo1Yl9rckNi4pMf0hdU3NbHBAq/Q1gbe/XfHu7
nMyHc0V9Puwm0eb1LPHldwVwjcxG8SRYAztjagUFEhnes1SyUq+c5UdG2pzkn03A
SMgNFKiwLQdqhtnGsjpp9YFEGyrzHYIuBxzqSXTysXgg55nzxP1kQ/BEk2uKzhBO
///M8+cgFIsK+9SgYvYHh1dLTi+vK6PI79dUT6JNcK5imirbKORCwL/05rJp7PXx
VG/0mBxWFcw1/5e2uDcu1eEhYboNH1QVf6O4a+HUS37HhJSayVC2AKr5rTm8/NWs
YpvO4mZ0Sy/3o0tsZp1gahKRrlN5VZzbuKjuGVD71OY+Rwaxsga6YQJGajOUs8Rc
8D3rT7lC2c7V2xooOKF5FnOM8B7xJwbwb3M9IMWmsB7d2c+WvdBvzZGiO8Gzdah5
giiYh2ninyVQdJ8diIuQChJ/hpBakuXmtq+RIHWpEgfF//tUux/rCI1NG8DJbs73
UuwuQmQ7goOs43/FGEV+hoqAdKH7eY3/8MNFajoqEmvQSKWpUm+7nZtcaLxVDM+J
K1uXYKv9Sy6ZHdQr2BPTNra2RlrhsTEKWZLp4/UVH/S+dEhK56zwKX1tM0DgDwtQ
t1pBBC4+n+2PmeqIB+9VIF24D0dPsSTaDscsbWoey2enb0pGCEI=
=MoLL
-----END PGP SIGNATURE-----

Reply via email to