Full Disclosure mailing list archives
RE: Apparently the practice was prevalent
From: John.Airey () rnib org uk
Date: Wed, 11 Feb 2004 10:23:32 -0000
-----Original Message----- From: Martin Macok [mailto:martin.macok () underground cz] Sent: 10 February 2004 23:53 To: full-disclosure () lists netsys com Subject: Re: [Full-disclosure] Apparently the practice was prevalent On Tue, Feb 10, 2004 at 08:20:00PM -0000, John.Airey () rnib org uk wrote:format of the email you are reading, RFC 822. It's worth pointing out that anyone who does not have an "open" email relay is in breach of this RFCNot true.At the risk of descending into a playground argument, 'tis true. Sections 4.3.2, 6.2.2 and 6.2.6 imply that you have an open relay.Which RFC ???
822.
In fact, RFC 2822 which obsoletes RFC 822 doesn't even mention relays.Of course. It also doesn't mention space ships. It's just about something else. It has not anything to do with "email relaying".
What do space ships have to do with this discussion? There's no mention of them in RFC 822, so this is hardly relevant.
The right one is RFC 2821. See the quote of "Relaying" part from my previous post.
Is it? Only 2822 supersedes 822. 2821 supersedes 821, which also implies you should have open relays. It states that you should have EXPN enabled. Both were a bad idea even before April 2001, yet they had remained the "standard" for almost 20 years.
Is there any RFC that specifies that open relays are a bad idea?Do not expect that there is an RFC for every bad idea around ...
Which basically means that anything not strictly allowed isn't. My point exactly...
I can't find one.I can. RFC 2505 Anti-Spam Recommendations February 1999
No you can't. I also found RFC 2505 after sending my mail, however it still mentions nothing about open relays. It talks about "Non-Relay" and "unauthorised relaying" (an oxymoron?). These indeed mean the same thing, just like "no username and password" with http means that Microsoft shouldn't have made this "feature" available. It's been abused, granted not in the way that was first envisaged in the RFC, but abused nonetheless. This goes to prove that you can't have your cake and eat it. Bottom line: Microsoft made a mistake in not adhering to the standards. Microsoft have now fixed their mistake, and given the option to restore the broken behaviour. Users still complain. - John Airey, BSc (Jt Hons), CNA, RHCE Internet systems support officer, ITCSD, Royal National Institute of the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 John.Airey () rnib org uk According to the book of Acts, Eutychus was the first man to suffer from a General Protection Fault with Windows. - DISCLAIMER: NOTICE: The information contained in this email and any attachments is confidential and may be privileged. If you are not the intended recipient you should not use, disclose, distribute or copy any of the content of it or of any attachment; you are requested to notify the sender immediately of your receipt of the email and then to delete it and any attachments from your system. RNIB endeavours to ensure that emails and any attachments generated by its staff are free from viruses or other contaminants. However, it cannot accept any responsibility for any such which are transmitted. We therefore recommend you scan all attachments. Please note that the statements and views expressed in this email and any attachments are those of the author and do not necessarily represent those of RNIB. RNIB Registered Charity Number: 226227 Website: http://www.rnib.org.uk _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Apparently the practice was prevalent, (continued)
- Re: Apparently the practice was prevalent Nick FitzGerald (Feb 08)
- RE: Apparently the practice was prevalent Shawn K. Hall (RA/Security) (Feb 08)
- RE: Apparently the practice was prevalent Nick FitzGerald (Feb 09)
- RE: Apparently the practice was prevalent Shawn K. Hall (RA/Security) (Feb 09)
- RE: Apparently the practice was prevalent Shawn K. Hall (RA/Security) (Feb 08)
- Re: Apparently the practice was prevalent Nick FitzGerald (Feb 08)
- RE: Apparently the practice was prevalent Schmehl, Paul L (Feb 09)
- Re: Apparently the practice was prevalent Cael Abal (Feb 09)
- RE: Apparently the practice was prevalent John . Airey (Feb 10)
- Re: Apparently the practice was prevalent Martin Mačok (Feb 10)
- RE: Apparently the practice was prevalent John . Airey (Feb 10)
- Re: Apparently the practice was prevalent Martin Mačok (Feb 10)
- RE: Apparently the practice was prevalent John . Airey (Feb 11)
- Re: Apparently the practice was prevalent Martin Mačok (Feb 11)
- RE: Apparently the practice was prevalent John . Airey (Feb 11)
- Re: Apparently the practice was prevalent Martin Mačok (Feb 11)