FYI/ separate correspondence, Re: Antigen Aaron, issue by issue

Gordon Mohr
Mon, 29 Oct 2001 12:51:40 -0800


Thanks for taking my points into consideration. I do think the current 
Antigen behavior will eventually cause more confusion, for other 
lists/aliases in the future, if not adjusted in some way.  

I wasn't aware that the "" has been appended at the listserv; 
that helps me to understand it wasn't an intentional forge, just an 
unintended consequence of two systems each working with incomplete 
information about remote entities.

I will copy this message, with your reply below, to FoRK. 


- Gordon

> From: Aaron Blosser
> To: Gordon Mohr
> Sent: Monday, October 29, 2001 12:19 PM
> Subject: RE: Antigen Aaron, issue by issue
> Since you're email is much more thoughtful than most I've received,
> I'll answer your valid points:
> # From: Gordon Mohr []
> # Sent: Monday, October 29, 2001 11:58 AM
> # To: Aaron Blosser
> # Subject: Antigen Aaron, issue by issue
> # 
> # 
> # Let's go back to the beginning. Lucas sent a ZIP file that contained
> # an EXE. When this arrived at one subscriber's mailbox, some software
> # there removed it, and sent a notification back to the list that it
> # had been removed.
> # 
> # However, that email:
> # 
> #  - claimed to be from "" -- a forged address
> Wasn't forged - it really was a case of the list server appending
> the "" since "Antigen" is all that really does appear on
> the from line.
> #  - went to the list, rather than just to the local recipient and
> #    original email sender
> In cases of actual virii being discovered, I happen to think it's
> fine to notify all original recipients.  In cases where it's just a
> file filter, maybe not as good an idea, so I'll grant you that.
> #  - failed to identify to whom the stripped message was delivered
> Dunno if the AV software can do that, but I'll certainly consider
> that suggestion as well.
> #  - claimed "all files of the type =*.exe are being blocked in the
> #    email system"
> #
> # Most subscribers got the ZIP/EXE, and has no policy where
> # EXEs are blocked, so the notification was sent to a couple hundred
> # people for whom it was misleading and irrelevant.
> Just another piece of the puzzle, not really a point unto itself.
> # Aaron, regardless of any other threads, I would urge you to adjust
> # Antigen so that it does not forge "From" headers to be addresses in
> # other domains. Forged "From" lines are rude.
> The forging thing is a non-issue, and a misunderstanding by the list
> server.  As for the other points, I will certainly take them into
> consideration since, as I said, you at least didn't resort to
> personal attacks.  See, if someone had been this nice from the get
> go, could have saved us all a lot of time.  But when people from the
> word go just start the attacks, it's only natural for my defenses to
> rise.
> # FoRK's internal policies for accepting email or Virtuoso's internal
> # policies for what it filters are merely tangents. The issue is
> # fairly
> # and honestly interfacing with each other. An accurately worded,
> # non-forged, and efficiently targetted Antigen notification would
> # meet everyone's needs.
> I'd still suggest that any list hoping to avoid such problems would
> only accept submissions by subscribers, or at least someone should
> moderate.  Just my 2 cents, but then it's not my list, so what do I
> care? :)
> Thanks for taking the time for a *thoughtful* email.  Perhaps you
> could forward my reply to the list as an example of what being nice
> can do when confronted with situations like this in the future?
> Thanks,
> Aaron