>>>>> David W Hodgins <
dwho...@nomail.afraid.org> writes:
>>>>> On Sat, 28 Oct 2017 23:36:27 -0400, Thomas 'PointedEars' Lahn wrote:
>>>>> David W. Hodgins wrote:
>>> Change
dwho...@nomail.afraid.org to
davidw...@teksavvy.com
>>> for email replies.
>> Do you realize that the unnecessary hassle you create, and the
>> violations you commit with this are completely pointless?
> I set up
nomail.afraid.org back when the swen email worm harvested
> usenet from addresses. It's currently set to the ip address
> 127.212.212.212 with the mx record pointing to a spamtrap used by
>
http://www.uceprotect.net/. I changed if from 127.0.0.1 to
> 127.212.212.212, back at some point when someone asked me to prove I
> controlled the hostname's address.
> As I setup the host name, it doesn't violate any standards or terms
> of service, that I'm aware of.
> While spammers could easily harvest the address from the sig, so far
> they have not been doing so, while the from address does get quite a
> bit of spam, which I can confirm from the uceprotect logs.
[I'm pretty sure that there's a FAQ or dozen that cover this.
For no good reason, I'll still try to explain it myself.
There's a summary at the bottom, BTW.]
If I'm to hazard a guess, the NNTP protocol makes it easier
(bandwidth-wise) to gather addresses from the header (via the
HEAD command) than from the article as a whole. It's easier
still to retrieve the contents of certain headers -- including
From: and Message-ID: -- using XOVER, which may make them more
vulnerable to harvesting than the other parts of the article.
(And which may also explain why there're occasionally attempts
to deliver mail to Message-ID: identifiers like they were email
addresses.)
Now, other than sending spam, the From: address may be used to
send a Usenet participant an email. In my experience, however,
that rarely happens. As such, From: in Usenet currently serves
as the means to identify a poster -- not to start an email
conversation. Hence, there's little (if any) reason to use for
it an address of a mailbox that one's going to actually read.
From here, we can consider several alternatives.
First of all, AFAICT, there's a consensus that using someone's
else address in From: -- or even just a domain you don't have
permission to use for that purpose -- is plainly harmful, as
that opens that third party to network abuse. In particular,
RFC 5322 (3.6.2) reads:
In all cases, the "From:" field SHOULD NOT contain any mailbox that
does not belong to the author(s) of the message. [...]
Another option is to use an address that's invalid and will
remain invalid for the foreseeable future. An address with
a domain part ending in the standard (RFC 2606) reserved
".invalid" TLD name is just such a domain, and while the domain
was initially (1999) intended to be used only in documentation,
its use is expressly allowed by RFC 5537 (3.4):
Contrary to [RFC5322], which implies that the mailbox or mailboxes in
the From header field should be that of the poster or posters, a
poster who does not, for whatever reason, wish to use his own mailbox
MAY use any mailbox ending in the top-level domain ".invalid"
[RFC2606].
Unless the MTA (MSA) is badly misconfigured, any mail to such an
address will be rejected immediately, and the user trying to
send it will be notified of the issue, making it possible for
him or her to try other means to contact the article's author.
One another choice is to use a "temporary" email, typically
valid for several days or weeks. It has the convenience that
the article's author can readily be contacted when the
discussion is still active, yet the address would be more or
less useless for long-term abuse.
It's also possible to use an address associated with a
"spamtrap," which has the advantage of automatically marking
spam sources for other users. The obvious downside (and one
associated with spamtraps and similar measures in general) is
that a honest mistake by a single user of a given MTA may lead
to an automatic blacklising of that same MTA, effectively
resulting in a DoS (however short-term) for all its users.
Finally, it's also possible to use a valid address pointing to a
mailbox that simply is never read, and perhaps does not even
have any actual storage (as in: redirected to /dev/null.)
AFAICT, such use would be in line with RFC 5322 (3.4):
A mailbox receives mail. It is a conceptual entity that does not
necessarily pertain to file storage. For example, some sites may
choose to print mail on a printer and deliver the output to the
addressee's desk.
Also, the use of such addresses is common in email proper, for
instance they're used to deliver important information to
clients of many Internet services (say, ToU changes, low balance
notifications, etc.)
A summary follows.
Use of someone's else address or domain:
* may be harmful to that third party;
* expressly disallowed ("SHOULD NOT") by RFC 5322 (3.4);
* may fail to provide clear indication that the recipient cannot
be reached.
Use of an ".invalid" address:
* expressly allowed ("MAY") by RFC 5537 (3.4);
* common Usenet practice;
* provides clear indication that the recipient cannot be reached.
Use of a spamtrap address:
* may fail to provide clear indication that the recipient cannot
be reached.
* may result in an inadvertent DoS due to a honest mistake on
the part of the user trying to contact the article's author
via email.
Use of a temporary address:
* no obvious issues with Internet standards compliance;
* messages are either delivered, or there's a clear indication
that the recipient can no longer be reached.
Use of a /dev/null address:
* no obvious issues with Internet standards compliance;
* no indication that the recipient cannot be reached that way.
--
FSF associate member #7257
http://am-1.org/~ivan/