On Wed, Mar 26, 2003 at 02:17:59PM -0700, Jason R. Mastaler wrote:
>For example, I send a message to [EMAIL PROTECTED] My message headers
>contain the following:
>
>Message-ID: <[EMAIL PROTECTED]>
>
>I tell TMDA to accept any messages that are in reference to a
>Message-ID containing the string 'hrothgar.la.mastaler.com'.
>
>When bobby replies, <[EMAIL PROTECTED]> will be
>listed in 'References' and the message will be automatically accepted.
>
>What do you think of the idea?
Hmm... I think it's an interesting idea. And given TMDA's stated goal of
being a "spam reduction system" that it's probably one that would be ok.
However, it seems relatively simple to spoof. I think it's a forgone
conclusion that spammers monitor these lists. If they want a key into
my mailbox, then it can't be something that is as trivial to spoof as
the following email:
To: [EMAIL PROTECTED]
From: [EMAIL PROTECTED]
References: <[EMAIL PROTECTED]>
If there were a way to verify that the reference was legitimately created
then I'd be more inclined to like this idea and actually use it in my
tmda setup. I guess I'm thinking, for example, if TMDA rewrote the
"Message-ID" with one that was verifiable by TMDA, then I'd be more
inclined to use it.
The other problem is that a number of MTA's seem to fail to include
"References" header. I notice this everytime that mutt fails to
properly thread a reply to an email that I sent. Looking through my
email right now, I have examples of such behavior from MS Outlook.
This is another reason that I would not be inclined to use this feature
over dated addresses.
For me, I prefer the use of a dated reply-to and a bare from address.
This seems to work incredibly well. I have yet to encounter an email
client that doesn't respect reply-to.
Long story short: I *probably* wouldn't use this feeature if implemented.
$.02
- Mark
_________________________________________________
tmda-workers mailing list ([EMAIL PROTECTED])
http://tmda.net/lists/listinfo/tmda-workers
