LuKreme wrote:
On 12-Aug-2009, at 18:20, Ted Mittelstaedt wrote:
s...@northpole.com becomes s...@example.com
Here's how to do it RIGHT:
s...@northpole.com becomes x...@xxxxxx.xxx
No, example.com and example.org and example.net exist specifically for
these sorts of uses.
No, they don't.
example.com and example.net are bona-fied, legitimate domains
that are setup for use in textbooks, and online documents. They
are resolvable in whois, etc. IANA even has a nice little webpage
so if you go to them you get notified that your an idiot.
The idea is that if a book author makes up their own bogus domain
name, like foo.com, that eventually someone will register that
and then will be bothered by people typing in examples from
the book.
However, spams by contrast are, by definition, NEVER legitimate
pieces of documentation. A spammer could just as easily use
example.com in an actual spam. He might even want to do this
since example.com does, in fact, exist. It would certainly
be better than just manufacturing a domain name that doesn't
exist in a piece of spam.
Thus, example.com IN A SPAM is NEVER an automatic indication
that a munge has occurred. Unlike in a textbook example
where "example.com" is ALWAYS an indication of a fake name.
Thus, when "munging" an example spam post, it's critical to
indicate WHAT was munged. If you use "example.com" in your
munging, then because it's possible for a spammer to use
example.com in a real piece of spam, you then have to go to
the bother of adding text explaining that any appearance of
example.com is a munge.
Furthermore, since you may want to munge more than 2 pieces
of dissimilar data in a spam, your going to rapidly runout
of "example.*". Further, example.com is only good for alpha
data munging and is useless for numeric data munging, ie:
IP addresses.
Since if your going to munge (for privacy) a domain name in
a spam, it's idiotic to munge just the domain name and leave
the IP address that domain name resolves to (since any fool
can use nslookup plus your IP address to figure out what
your trying to munge) you also have to munge any IP addresses
that refer to that domain name, once more, example.com and
friends offer no solution for this. x.x.x.x by
contrast is the de-facto indicator in networking circles
that "there be a TCP/IP address here"
Now, it IS true that using XXXX, YYYY, ZZZZ and so on, should also
require an explanation that XXXX=munge in your spam example,
since a spammer might choose to use a fabricated domain name
like xxxx.xxx. However, since most mailers (maybe all) lower-case
domain names they get, (except in the To: field which is useless anyway)
it's pretty obvious that .XXX is not a legitimate domain
and the upper-case version would almost never appear in a
Received line in a mail. (Well, at least, not by any normal
mailers out there, I wouldn't put it past Microsoft to write a
mailer that preserved case, one day in the future, they are
so ass-backwards). Thus I'd consider an upper-cased fake domain
name in a Received line in a spam the exception rather than
the rule, here.
I elected not to append this discussion to my original post
since only hair-splitters like yourself would likely care. ;-)
Most people would recognize the munge right off.
Now, as for the possibility that .xxx might ever be a legitimate
TLD, I call bullshit on that. The porno people have already floated the
idea of registering .xxx as a TLD and been shot-down, by
ICANN, THREE times so far, as it
was rightly pointed out (the last time this was brought up)
there's no way to force all the porno into .xxx TLDs, .xxx would
merely serve to load the roots more with uselessly duplicated data
to porno sites already existing. So, .xxx is most likely ALSO
never going to be registered in the future.
And if you want to argue that .yyy .zzz .aaa and so on may
one day be registred as TLD's, well go ahead, although you
might consider that no language in use on the Internet has
any word or even slang that cooresponds with those. The
closest might be possible future push to register .aaa just
to be first in the phone books - but I think ICANN would
see through this silliness and shoot it down same as .xxx was
shot down.
Ted
