Re: "proving" a user received an email (good gosh)

From: Chronos Tachyon (chronos@chronos.dyndns.org.no.spam.please.example.com)
Date: 06/26/02

Next message: Andrew S.: "Re: Microsoft's Jihad - Palladium"
Previous message: Bruno Wolff III: "Re: "proving" a user received an email (good gosh)"
In reply to: Faux_Pseudo: "Re: "proving" a user received an email (good gosh)"
Next in thread: Faux_Pseudo: "Re: "proving" a user received an email (good gosh)"
Reply: Faux_Pseudo: "Re: "proving" a user received an email (good gosh)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: Chronos Tachyon <chronos@chronos.dyndns.org.no.spam.please.example.com>
Date: Tue, 25 Jun 2002 23:16:46 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue 25 Jun 2002 06:19 pm, Faux_Pseudo wrote:

>
> - --(Once apon a time, in comp.security.unix,)--
> --(Bruno Wolff III said it like only they can.)--
>> It someone really needs a confirmation that the message was read by a
>> human, it should ask for a confirmation in the body of the message.
>
>
> Bad idea. Any user where confirmation is an issue is a user who knows
> enough to not confirm delivery of the message. What whould be better
> is a "X-Lieing-User: yes" header that the mail client or MTA can check
> and find out if the message did get properly routed and then the mail
> client can look for the header and at the top of the email put a
> little "In opening this mail a notification was sent to the sender"
>

Spam, spam, spam, spam, Spam, spam, spam, spam, ...

Any sort of automatic use of Delivery Status Notification would be exploited
by spammers in all of about 5 minutes to confirm the existence of valid
e-mail addresses, thus making them more valuable when selling them to other
spammers. It would be worse than 1x1 transparent GIFs pointing to a script
on a remote HTTP server, since while no valid message *requires* that
remote image loading be turned on, any sort of mandatory DSN *couldn't*
distinguish between spammers and legitimate use.

And, although an "X-Lieing-User: yes" header (in the fine spelling tradition
of HTTP's "Referer:", perhaps?) might be somewhat useful, there are MANY
legitimate situations where you don't want e-mail being sent to the same
provider as your outgoing mail server -- for instance, when I occasionally
post from my Earthlink account at home, I use the e-mail address of my
broadband connection as the From: header because my Earthlink account
burned to the ground and sank into the swamp under the weight of the
spammers. This doesn't even TOUCH on situations (like mine) where I run my
own SMTP server with its own domain, which could be easily configured to
claim that any mail sent through it was being truthful about its origin.
If you decide to combat this by having the recipient's SMTP server compare
the envelope address with the domain that it came from, then you will have
thrown out one of the principles that has made the Internet so successful
where commercial networks failed, since it requires that people only use
ISP-Approved Mail Servers (unless, of course, they have enough cash to
bribe^Wbuy a static IP range from a local mobster^W^W^Wan incumbent ISP
that will show up in ARIN/RIPE/APNIC whois). Does the world really need
more MySmallBusiness@aol.com's?

To make a long story short, lots of other people have given it a lot of
thought and already considered (and rejected) the ideas you mentioned. And
you didn't even address the real intent from the Subject: line, which would
be "How can I prove (in a court of law, for instance) that a human being
read the contents of an e-mail and didn't, e.g., think it was spam and hit
Delete a little too quickly?", to which the only valid answer is, "Request
that the recipient reply to it manually."

- --
Chronos Tachyon
http://chronos.dyndns.org/ -- WWED?
Guardian of Eristic Paraphernalia
Gatekeeper of the Region of Thud
10:46pm up 2 days, 23:50, 0 users, load average: 0.14, 0.11, 0.09

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE9GUAuPGpxVErWvSoRAkSfAJ9laQmrPKOC1+xKmLwImiTf1fGBAQCeOkWI
3P0sz0/GYJjH9EsBf0ckb2g=
=lgL1
-----END PGP SIGNATURE-----

Next message: Andrew S.: "Re: Microsoft's Jihad - Palladium"
Previous message: Bruno Wolff III: "Re: "proving" a user received an email (good gosh)"
In reply to: Faux_Pseudo: "Re: "proving" a user received an email (good gosh)"
Next in thread: Faux_Pseudo: "Re: "proving" a user received an email (good gosh)"
Reply: Faux_Pseudo: "Re: "proving" a user received an email (good gosh)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: "proving" a user received an email (good gosh)
... it should ask for a confirmation in the body of the message. ... by spammers in all of about 5 minutes to confirm the existence of valid ... provider as your outgoing mail server -- for instance, ... If you decide to combat this by having the recipient's SMTP server compare ...
(comp.security.unix)
Re: Exchange Hijacked
... >>Lot's of spammers use domains that either have no inbound SMTP server, ... find the compromised user account ...
(microsoft.public.exchange.admin)
Re: .NET email
... > Isn't that what spammers are looking for? ... "Dick" wrote in message ... > And preferably a server in a land without any kind of legislation about ... >> I don't have smtp server and my email is hotmail and I am looking for ...
(microsoft.public.dotnet.languages.vb)
Re: Please help stop spam relaying with my server
... The email address that is used to send the emails is not ... I immediately retested my server to confirm it was not an open ... my loglevel to 15 in sendmail to help diagnose the situation. ... anyone with a valid address that gets used by spammers is part of the ...
(comp.mail.sendmail)
Re: Spam
... I use SpamCop to report those spam messages that get ... through their server, which would eliminate the need for MailWasher. ... >> or "remove" yourself from the spammers' address lists; ...
(microsoft.public.windowsxp.basics)