On Fri, 2005-08-26 at 03:56 -0400, Ken Raeburn wrote:
> On Aug 26, 2005, at 03:14, Jeroen Massar wrote:
> > Indeed when some 'malicious' person would add Cc's/To's and would
> > instruct his SMTP to not forward to the additional addresses in the
> > Cc/To the users will effectively not receive the message.
>
> > But how exactly does this cause a problem?
>
> Isn't that enough? Tricking the list software into excluding certain
> people from part of a discussion, even if it's only the part sent by
> one certain submitter? It gives a false impression to the other list
> members that certain list members are part of the discussion when
> they have quietly been left out.

Yes, which is why it might be good if the IETF Secretariat would:

* Disable the nodupes feature
  That is, that per default it is disabled and folks get 'dupes'.

* Notify, once, the users who have nodupes active, that it might affect
  the amount of mail they are getting, referencing or including Keith's
  original message.

Does this a) sound like a good idea, then b) can this be requested?

Rest of this discussion follows but can be skipped by most folks...

> If that's not bad enough, what if the message in question were forged
> as being from someone who was also excluded from receiving it through
> this mechanism?

<SNIP>

> (Of course, if the person is offline for a
> vacation or something, the same might happen. And habitually signing
> one's messages may help call attention to the forgery, but we've got
> a ways to go to make that commonplace.)

This part can indeed only be solved by that simple step, which you and I
are already using: PGP sign the message. Though privacy folks then say
'but then I can't repudiate my message', to which my silly answer is:
either say something or don't.
I would actually be in favor of a mechanism where only PGP-signed messages
get forwarded onto the list, others bounced back to the origin stating that
the sender can't be verified and that this might be because it is not the
original sender + how to set up and use PGP. This also avoids having to
check if a message from 'the iesg' actually comes from the iesg by checking
the headers. SPF will only help partially in this case.

> Malicious intent aside, it's also useful to know sometimes if the
> mailing list software is somehow munging your messages in a way you
> didn't intend. Stripping out attachments, converting encodings,
> changing HTML to plain text, etc. (And I've seen mailman
> occasionally botch some such processing, leaving empty messages, but
> I don't recall the specifics at the moment, or if it's been fixed.)

They have fixed quite a number of issues in that department fortunately ;)

I personally like the 'nodupes' feature very much, as messages that I get
cc'd on (thus most likely a reply to something) don't get caught by the
List-Id header and sorted into the correct folder, thus ending up in my
direct-message folder on this subject, so I know that it is a reply and I
need to pay attention to it.

Something semi-related: nobody complains about the fact that one can Bcc
people, which thus leads to other people than those indicated in the To/Cc
reading the message; not that one knows the membership of most mailing
lists, but still...

Greets,
 Jeroen
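An added example, not from the thread and not Mailman's own code, that models the nodupes delivery rule Ken and Jeroen discuss so a list administrator can see which subscribers would silently be skipped for a given To/Cc, and what changes when the option is turned off list-wide. The subscriber table and the message are constructed; how the rule is applied here is an assumption about the option's behaviour, not a reading of Mailman's source.

```python
"""Model of the 'nodupes' rule: a subscriber who has it enabled and who
appears in To/Cc is skipped by the list, on the assumption that the
sender's MTA delivers a direct copy (an assumption the sender controls)."""
from email import message_from_string
from email.utils import getaddresses

# Constructed subscriber table: address -> nodupes enabled?
SUBSCRIBERS = {
    "alice@example.org": True,
    "bob@example.org": True,
    "carol@example.org": False,
    "dave@example.org": True,
}

# Constructed message: the sender names two subscribers in To/Cc.
RAW_MESSAGE = """\
From: someone@example.net
To: ietf@example.org, Alice <alice@example.org>
Cc: carol@example.org
Subject: test

hello
"""


def explicit_recipients(raw):
    """Lower-cased addresses found in the To and Cc headers."""
    msg = message_from_string(raw)
    pairs = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    return {addr.lower() for _, addr in pairs if addr}


def list_delivery(raw, subscribers, honour_nodupes=True):
    """Return (delivered, skipped) subscriber sets for one list message.

    With honour_nodupes=False (the thread's proposed default) nobody is
    skipped, so a crafted To/Cc cannot suppress a subscriber's copy."""
    explicit = explicit_recipients(raw)
    skipped = {a for a, nodupes in subscribers.items()
               if honour_nodupes and nodupes and a in explicit}
    return set(subscribers) - skipped, skipped


if __name__ == "__main__":
    for flag in (True, False):
        delivered, skipped = list_delivery(RAW_MESSAGE, SUBSCRIBERS, flag)
        print(f"nodupes {'on ' if flag else 'off'}: skipped {sorted(skipped)}")
```

With the option honoured, only alice is skipped (carol is in Cc but has nodupes off); with it disabled, every subscriber receives the list copy.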
_______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf