[CentOS] OT Mailing List Spam

Fri Oct 3 15:43:42 UTC 2008
Mark A. Lewis <mark at siliconjunkie.net>

>This is why the RFC clearly states that you must answer certain email
>addresses; abuse@ being one! If you don't follow the RFC's than how
>can anyone expect your protocols or operations to be compliant with
>any standards?
>
>Now, someone decided, in their infinite wisdom, that if you send an
>auto-reply directing you to a web form, that this is compliant..
>where as I read it as a cheat! That does not allow me to use the
>abuse@ address for the function it was intended and as stated earlier:
>
>I DO NOT HAVE TIME IN A DAY TO GO REPORTING SOME ADMINISTRATOR'S
>DEFICIENCY IN POLICING HIS/HER OWN USERS THROUGH A PROPRIETARY WEB FORM.
>
>Therefore, I have been given authority to block them, meeting my
>management's criteria.
>
>Make sure your rules meet the RFCs and your management's criteria and
>you will make your life a whole lot simpler.. Oh, and argue the RFC's
>with management, in case they do not understand!


So, let's look at your stance.

abuse at yahoo.com would probably get millions of mails a day. Acting more as a spam trap more than anything else, and I don't think anyone would call them unreasonable for not reading each and every mail sent to it. If you think they should, perhaps you should volunteer.

The spirit of the RFC is that you could send mail to abuse at domain and get in touch with someone. When the RFC was written, the idea that someone will monitor this mailbox was reasonable. Today, it is not in all cases. So, in that spirit, some orgs have setup auto responders telling you how to get in touch with them. In my opinion, this is a perfectly reasonable solution that accomplishes the same goal. Why you feel like you are too good to communicate them in an effective manner is your own issue, not theirs or the RFC. They are obviously understanding the goal of the RFC and attempting to comply, where you are just blindly taking it literally.

My suggestion to you is to learn to think beyond the exact wording and look at the spirit of the RFC and apply it to the situation. In this case, you send mail to abuse, they reply with an effective way to communicate with the abuse contacts. How that is cheating is beyond me. They met your criteria given that "they must answer certain addresses", even if it was with an auto-reply. I don't know what is "proprietary" about a web form. They are based on RFCs as well and so long as it functions in your web browser, why would you care? To take it one step further, if you are having trouble communicating with them via e-mail, this may be an ideal way to reach them as e-mail may not be effective.

Basically, get off your holier than thou RFC high horse and at least make an attempt to work with people instead of just bitching and moaning that they don't do exactly what you think they should. Or, submit an updated RFC to update it to your opinion on this "cheating".