URGENT: do not send return receipts!
Jonathan S. Shapiro
shap@eros-os.org
Tue, 11 Apr 2000 15:04:23 -0400
This is a multi-part message in MIME format.
------=_NextPart_000_034C_01BFA3C7.38AACBC0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
IF YOU RECEIVE mail on ANY mailing list and are asked whether to provide =
a return receipt or to notify the sender in any way that you have =
received the email, say NO!
I have just modified majordomo on eros-os.org to BOUNCE all messages =
containing a '"Return-Receipt-To:" header. A new subscriber has been =
sending messages with Return-Receipt-To: headers. The problem with this =
is that it can be used to collect email addresses for inclusion into =
mailing lists. This can be automated by making the Return-Receipt-To: =
header point to someone other than the sender. At the moment, I cannot =
determine if this behavior is malicious or merely ignorant.
In the future, if you send mail to these lists with a Return-Receipt-To: =
header, you will get a warning. If you make a habit of it, I will remove =
you from all lists. Permanently.
On an unrelated note, I have also modified majordomo to update the =
"reply-to:" field so that replies will default to the list.
My apologies for any inconvenience that you may have been caused by my =
oversight.
shap
------=_NextPart_000_034C_01BFA3C7.38AACBC0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=3D"text/html; charset=3Diso-8859-1" =
http-equiv=3DContent-Type>
<META content=3D"MSHTML 5.00.3013.2600" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff><FONT face=3DArial size=3D2>
<DIV><FONT face=3DArial size=3D2>IF YOU RECEIVE mail on ANY mailing list =
and are=20
asked whether to provide a return receipt or to notify the sender in any =
way=20
that you have received the email, say NO!</FONT></DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV>I have just modified majordomo on eros-os.org to BOUNCE all =
messages=20
containing a '"Return-Receipt-To:" header. </FONT><FONT face=3DArial =
size=3D2>A new=20
subscriber has been sending messages with Return-Receipt-To: headers. =
The=20
problem with this is that it can be used to collect email addresses for=20
inclusion into mailing lists. This can be automated by making the=20
Return-Receipt-To: header point to someone other than the sender. At the =
moment,=20
I cannot determine if this behavior is malicious or merely=20
ignorant.</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>In the future, if you send mail to =
these lists with=20
a Return-Receipt-To: header, you will get a warning. If you make a habit =
of it,=20
I will remove you from all lists. Permanently.</FONT></DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>On an unrelated note, I have also =
modified=20
majordomo to update the "reply-to:" field so that replies will default =
to the=20
list.</FONT></DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>My apologies for any inconvenience that =
you may=20
have been caused by my oversight.</FONT></DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>shap</FONT></DIV></BODY></HTML>
------=_NextPart_000_034C_01BFA3C7.38AACBC0--