Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Address munging (was: Rejecting Certain Non-ASCII Characters)

7 views
Skip to first unread message

Thomas 'PointedEars' Lahn

unread,
Apr 20, 2013, 12:23:56 PM4/20/13
to
M. Strobel wrote:

> Am 20.04.2013 18:01, schrieb Thomas 'PointedEars' Lahn:
>> M. Strobel wrote:
>>> Am 20.04.2013 14:41, schrieb Arno Welzel:
>>>> If you don't want to use a valid address, then use
>>>>
>>>> <inv...@invalid.invalid>
>>>>
>>>> Also see <http://www.individual.de/faq.php#5.3>
>>>>
>>>> Did you get it now?
>>>
>>> Get what? This domain exists:
>>>
>>> str@suse122-intel:~/Desktop> dig nowhere.dee @208.67.222.222
>>>
>>> ; <<>> DiG 9.9.2-P2 <<>> nowhere.dee @208.67.222.222
>>> ;; global options: +cmd
>>> ;; Got answer:
>>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17975
>>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
>>>
>>> ;; OPT PSEUDOSECTION:
>>> ; EDNS: version: 0, flags:; udp: 16384
>>> ;; QUESTION SECTION:
>>> ;nowhere.dee. IN A
>>>
>>> ;; ANSWER SECTION:
>>> nowhere.dee. 0 IN A 67.215.65.132
>>>
>>> ;; Query time: 68 msec
>>> ;; SERVER: 208.67.222.222#53(208.67.222.222)
>>> ;; WHEN: Sat Apr 20 17:42:03 2013
>>> ;; MSG SIZE rcvd: 56
>>
>> It figures that you would post the non-authoritative answer from your
>> misconfigured nameserver to support your anti-social behavior. That does
>> not make your From header field value technically valid or socially
>> acceptable, though, because an *address* there has to have at least a
>> FQDN, which nowhere.dee is no where near to. (There is no registry for
>> the dee TLD to begin with. Not *yet*, that is.)
>>
>> Perhaps someone should inform your service provider to *make* you heed
>> the rules.
>
> Haha, gotcha, you did not understand what happens.
>
> This was one of the spamming name servers, they give an address for
> anything... Never heard of it?

No, I am not in need of their services.

> Time to learn.

Why should I learn about how to commit network abuse best? I for one obey
the forms.

Instead, it is about time for *you* to learn what an address header is
before someone makes you to.


X-Post & F'up2 news.admin.net-abuse.usenet

PointedEars
--
Danny Goodman's books are out of date and teach practices that are
positively harmful for cross-browser scripting.
-- Richard Cornford, cljs, <cife6q$253$1$8300...@news.demon.co.uk> (2004)

Thomas 'PointedEars' Lahn

unread,
Apr 22, 2013, 8:10:41 AM4/22/13
to
Denis McMahon wrote:

> What you have defined locally is irrelevant.

ACK.

> Internet domains do not exist unless their tld is registered with the
> internet GTLD root servers, and there is a dns query path to the relevant
> domain nameserver from the internet GTLD root servers.

Some exist even without being registered that way, though:

> If you must obscure your email address, I suggest you use
> em...@example.com instead.

That would be a violation of RFC 5536 by everyday (mis)use of the
example.com” SLD. That domain, and the “example” TLD, are for *examples*,
not address munging. See RFC 2606.

> Using <something>@invalid.invalid is just as
> bad as using any other made up domain name. (see <http://www.iana.org/
> domains/special> )

Some NetNews providers argue that it is technically correct, as because of

,-<http://tools.ietf.org/html/rfc2606>
|
| ".invalid" is intended for use in online construction of domain
| names that are sure to be invalid and which it is obvious at a
| glance are invalid.

there cannot be a mailbox there.

However, the TLDs defined in RFC 2606 are not for address munging; they are
“for Testing, & Documentation Examples”. The example SLDs in defined in RFC
2606 are not for address munging either; they “can be used as examples”
only. And the current (2009) NetNews RFC does not allow them:

,-<http://tools.ietf.org/html/rfc5536#section-3.1.2>
|
| 3.1.2. From
|
| The From header field is the same as that specified in Section 3.6.2
| of [RFC5322], with the added restrictions detailed above in
| Section 2.2.
|
| from = "From:" SP mailbox-list CRLF

That is, added *restrictions*, _not_ added freedoms.

Because using “.invalid” (or another of those domains) in a *pseudo*-address
(RFC 5322, since at least RFC 2822: “a mailbox *receives* mail”) prevents
e-mail communication in a non-obvious way (especially to non-English
speakers), whereas e-mail communication *is* important to keep Network news
clean of one-to-one communication (to clarify misunderstandings before they
evolve into flamewars; to give technical or other advice that nobody in the
group should know or care about; to arrange for personal meetings; to offer
jobs because of obvious technical expertise; etc.), it is still considered
anti-social behavior and is subject to killfile rules.

Use it for postings that you want to be read (by knowledgable people), *at
your own risk*; consider that not being read (by knowledgable people) on
NetNews is equivalent to not participate in NetNews at all.

> postmaster@localhost is of course another possibility, and should be
> valid everywhere.

Nonsense. Because it specifies a different mailbox everywhere, *if at all*,
it is _not_ Valid. “localhost” is _not_ a *Fully Qualified* *Domain Name*.
It is the *hostname* for 127.0.0.1 by default. Unless you are running an
MTA on the computer you are reading NetNews with, there cannot be such a
mailbox. And then it will be *your* mailbox you would send e-mail to, not
the author of the posting.

Use that ”address” to annoy people to no end by spamming themselves (worst
case scenario is a bounce days later, or an unexpected log file entry) when
they are trying to give you friendly off-group advice (or in any of the
aforementioned scenarios).


See also: <http://www.interhack.net/pubs/munging-harmful/>

The paper may be old, but its arguments are still valid. Address munging in
any way is *helping* spammers, and *hurting* the NetNews community,
including and firstly oneself. IOW, address munging is one of the most
stupid things you can do.


X-Post & F'up2 news.admin.net-abuse.usenet

PointedEars
--
Use any version of Microsoft Frontpage to create your site.
(This won't prevent people from viewing your source, but no one
will want to steal it.)
-- from <http://www.vortex-webdesign.com/help/hidesource.htm> (404-comp.)

Arno Welzel

unread,
Apr 24, 2013, 12:13:17 PM4/24/13
to
Am 22.04.2013 14:10, schrieb Thomas 'PointedEars' Lahn:

[...]
> See also: <http://www.interhack.net/pubs/munging-harmful/>
>
> The paper may be old, but its arguments are still valid. Address munging in
> any way is *helping* spammers, and *hurting* the NetNews community,
> including and firstly oneself. IOW, address munging is one of the most
> stupid things you can do.

ACK. But individual.de at least tolerates the use of
<inv...@invalid.invalid> - and i think this is still better then
suppying a valid adress but ignoring any e-mail sent to it anyway.


--
Arno Welzel
http://arnowelzel.de
http://de-rec-fahrrad.de
0 new messages