FYI/ separate correspondence, Re: Antigen Aaron, issue by issue
Mon, 29 Oct 2001 12:51:40 -0800
Thanks for taking my points into consideration. I do think the current
Antigen behavior will eventually cause more confusion, for other
lists/aliases in the future, if not adjusted in some way.
I wasn't aware that the "@xent.com" has been appended at the listserv;
that helps me to understand it wasn't an intentional forge, just an
unintended consequence of two systems each working with incomplete
information about remote entities.
I will copy this message, with your reply below, to FoRK.
> From: Aaron Blosser
> To: Gordon Mohr
> Sent: Monday, October 29, 2001 12:19 PM
> Subject: RE: Antigen Aaron, issue by issue
> Since you're email is much more thoughtful than most I've received,
> I'll answer your valid points:
> # From: Gordon Mohr [mailto:firstname.lastname@example.org]
> # Sent: Monday, October 29, 2001 11:58 AM
> # To: Aaron Blosser
> # Subject: Antigen Aaron, issue by issue
> # Let's go back to the beginning. Lucas sent a ZIP file that contained
> # an EXE. When this arrived at one subscriber's mailbox, some software
> # there removed it, and sent a notification back to the list that it
> # had been removed.
> # However, that email:
> # - claimed to be from "email@example.com" -- a forged address
> Wasn't forged - it really was a case of the list server appending
> the "@xent.com" since "Antigen" is all that really does appear on
> the from line.
> # - went to the list, rather than just to the local recipient and
> # original email sender
> In cases of actual virii being discovered, I happen to think it's
> fine to notify all original recipients. In cases where it's just a
> file filter, maybe not as good an idea, so I'll grant you that.
> # - failed to identify to whom the stripped message was delivered
> Dunno if the AV software can do that, but I'll certainly consider
> that suggestion as well.
> # - claimed "all files of the type =*.exe are being blocked in the
> # email system"
> # Most subscribers got the ZIP/EXE, and xent.com has no policy where
> # EXEs are blocked, so the notification was sent to a couple hundred
> # people for whom it was misleading and irrelevant.
> Just another piece of the puzzle, not really a point unto itself.
> # Aaron, regardless of any other threads, I would urge you to adjust
> # Antigen so that it does not forge "From" headers to be addresses in
> # other domains. Forged "From" lines are rude.
> The forging thing is a non-issue, and a misunderstanding by the list
> server. As for the other points, I will certainly take them into
> consideration since, as I said, you at least didn't resort to
> personal attacks. See, if someone had been this nice from the get
> go, could have saved us all a lot of time. But when people from the
> word go just start the attacks, it's only natural for my defenses to
> # FoRK's internal policies for accepting email or Virtuoso's internal
> # policies for what it filters are merely tangents. The issue is
> # fairly
> # and honestly interfacing with each other. An accurately worded,
> # non-forged, and efficiently targetted Antigen notification would
> # meet everyone's needs.
> I'd still suggest that any list hoping to avoid such problems would
> only accept submissions by subscribers, or at least someone should
> moderate. Just my 2 cents, but then it's not my list, so what do I
> care? :)
> Thanks for taking the time for a *thoughtful* email. Perhaps you
> could forward my reply to the list as an example of what being nice
> can do when confronted with situations like this in the future?