Antigen Aaron, issue by issue

Gordon Mohr
Mon, 29 Oct 2001 11:57:40 -0800

Let's go back to the beginning. Lucas sent a ZIP file that contained
an EXE. When this arrived at one subscriber's mailbox, some software
there removed it, and sent a notification back to the list that it
had been removed.

However, that email:

   - claimed to be from "" -- a forged address
   - went to the list, rather than just to the local recipient and
     original email sender
   - failed to identify to whom the stripped message was delivered
   - claimed "all files of the type =*.exe are being blocked in the 
     email system"

Most subscribers got the ZIP/EXE, and has no policy where
EXEs are blocked, so the notification was sent to a couple hundred
people for whom it was misleading and irrelevant.

Aaron, regardless of any other threads, I would urge you to adjust
Antigen so that it does not forge "From" headers to be addresses in 
other domains. Forged "From" lines are rude.

I also would urge you to try to make the notification text be clear 
and honest as to where the filter was applied. For example, had the 
initial notification said "Your mail sent to was 
filtered because Virtuoso does not accept EXE attachments", there 
would have been much better mutual understanding from the beginning.

Finally, if at all possible, any such future confusion could be 
avoided if the noticiation went just to people directly affected:
your local recipients and the original sender. Copying the notification
to the original "To" address risks notifying hundreds of people of
something that doesn't affect them.

FoRK's internal policies for accepting email or Virtuoso's internal
policies for what it filters are merely tangents. The issue is fairly
and honestly interfacing with each other. An accurately worded, 
non-forged, and efficiently targetted Antigen notification would
meet everyone's needs.

- Gordon