[antispam-f] Re: What have they got against Deborah anyway?
- From: Stuart Painting <stuart@xxxxxxxxxxxxxxxxxx>
- To: antispam@xxxxxxxxxxxxx
- Date: Sat, 25 Nov 2006 23:58:51 GMT
Jeremy C B Nicoll <Jeremy@xxxxxxxxxxxxxxxx> wrote:
> In article <745e678b4e.stuart@xxxxxxxxxxxxxxxxxxxxxx>,
> Stuart Painting <stuart@xxxxxxxxxxxxxxxxxx> wrote:
>
>> The ones I've found useful fall into three main categories:
>
>> 1. Blind Carbon Copy - I think these have already been mentioned.
>
> I don't follow how that relates to a "To:" test. If someone has sent
> you mail by BCC there is no test you can sensibly do on the "To:" value.
To answer the question exactly as posed: I can check for the absence
of the "To:" field , or for a "To:" field with no readable content.
Messages sent to mailing lists may have the name of the mailing list
in the "To:" field, but I don't rely on that always being the case.
> I really don't understand why so many people think that BCC means spam.
Because, apart from the "mailing lists" case mentioned above, it *is*
overwhelmingly likely to be spam.
> Of course if you do think that and implement such a rule, unless you're
> very careful checking logs, chances are you'll never notice any genuine
> mail that gets deleted.
A BCC from anyone on my whitelist would get through. Since I delete
all other BCCs, any message BCC'd to me by someone not on my whitelist
would get deleted. This is a risk I'm prepared to take. Your Mileage
May Vary.
> I would never, for example, if I chose to forward a joke to some
> friends, explicitly expose their email addresses to each other. I
> don't think I have the right to let friend x know what friend y's email
> address is, even if I think these people know each other, let alone if
> they do not. That's up to friend y. Most people do not want their
> email addresses spread around. So I'd send the mail "To:" something
> innocuous, probably myself, and BCC it to all recipients. Surely
> everyone else does the same thing?
No, I don't. If I were so moved to send out something to multiple
recipients where I didn't want any risk of anyone knowing who else had
received it, I'd send it in separate emails to each recipient in turn.
I have seen too many cases where a supposedly "BCC'd" email managed to
disclose the full list of recipients (by means of additional headers
that the sender presumably didn't realise were there). Were this to
happen in a commercially sensitive environment, the consequences could
be far-reaching. BCC is a *bad* idea in my book.
>> 2. Message-IDs - in my case I've used both Messenger Pro and Marcel,
>> so I have rules for both cases. The Messenger Pro rule just checks
>> for a fullstop before my username, while the Marcel rule looks for
>> the specific four characters that my copy of Marcel inserted.
>
>> delete to: = *.stuart@zedtoo*
>> delete to: = *mrua@zedtoo*
>
> In the absence of Envelope-To: (with Demon) I suppoe that's sensible.
> But I think you'd be better to use the cod ethat Frank's defined to
> find out who the mail was actually delivered for.
What I actually do is get Demon to do it for me, by logging-in to the
POP3 server for each desired username in turn. The above two tests are
just to catch the spam that has the wrong value in the "To:" field
(checking back it's been relatively quiet recently: only 11 such spams
in the past 2 weeks).
>> 3. Faulty address harvesting - one of the "address swiping"
>> routines used by spammers accidentally(?) prepends the surname
>> in the victim's address book to the email address.
>
>> delete to: = *paintingstuart@zedtoo*
>
> It's not faulty;
Sure, in general someone could be allocating email addresses of the
"surnamefirstname" variety, but what I am talking about is cases where
the surname gets attached to a *genuine* email address resulting in a
*nonexistent* email address being targeted.
Other related posts:
