Daryl C. W. O'Shea wrote:
Philip Prindeville wrote:
There is an RFC that defines what a URL looks like. A bare domain
doesn't cut it.
You want to forbid bare domains in email? Go ahead. You can forbid
anything you like.
I don't, and I doubt Matt wants to either.
But don't call it a test for URL's, since it's clearly not.
FWIW, you're the only one who's been calling it a URL. The SA headers
say it's a URI, which isn't accurate either, unless of course you
consider SURBL to be a Schemeless URI Realtime Blocklist.
Besides, when this "braindeath" is more the norm than the exception,
it's a de facto standard. Particularly in the absence of any rules
against it.
Yeah, I'll talk to the Outlook folks, and file a bug against
Thunderbird... (I think the latter only does it to be compatible with
the former...)
Yeah, good luck with that.
Do you really have an issue with SA, or is it just that you're pissed
off that somebody rejected spam sent to their abuse account and you're
taking your frustration out on how SA detected that spam?
Daryl
I don't like going down the slippery slope of "Well, it's not really an
URI, but Outlook treats it like one, so we will too." (substitute URI
and Outlook with an number of alternate permutations here).
Half of the security holes that viri, etc. exploit probably exist
because of woolly-minded thinking and bent definitions like that in the
first place. So what could be a well-intentioned attempt to make things
better just ends up making them worse.
-Philip
