Mock RFC

Mock RFC:

-----------------------------------------------------------------------------



RFC 0000 ( RFC0000 )

Network Working Group J. Spamsucks
Request for Comments: 0000 University of Washington
Category: Standards Track January 2004



1. Abstract

This memo defines the syntax and use of the X-CR mail header,
the adoption of which has been necessitated by the geometrically
increasing usage of Challenge-Response ( C-R ) mail systems.


2. Introduction


Due to the increasing intolerance to spam, which has required the wide-
spread adoption of C-R mail system, which experience has shown are the
only effective spam-blocking systems, it has become necessary to define
a mail header that will allow large businesses, large non-commercial
organizations, and government to deal with C-R systems in an efficient
manner.

Fortunately, this is, basically, childsplay.



3. Usage

When the mail processing software detects the X-CR: ... mail header,
it reads the arguments to the header, and then prepends the last 4
digits of the unique number that the the first relevant argument refers
to, to the Subject: header of the auto-response. (or any response).


Note: The option exists to use these 4 unique digits as an argument to
another X- header rather than the Subject: header.




the arguments to the header include, but are not restricted to:


Syntax of the arguments:


X-CR:acct/mem/card/passwd/trans/id


Definitions of the arguments:


acct the account number of the client or member

mem the membership number

card the card (library, credit etc.)

passwd the person's password (of special relevance to websites)

trans a unique transaction number (receipt, invoice, etc.)

id an indidual's employee number or the like.




4. Conclusion

The number used in the reply to a mail with the X-CR header must meet the
following conditions:

1) It must not be available in any public documents.


2) It must be unique to the individual whose mail contains the header.


3) It must be unique to the business or organization or government agency
that issues it. (allowing its misuse by spammers and harassers to point
specifically to a security breach at an easily identifiable location.)


------------------------------------------------------------------------------









































--

For Linux/Bash users: Eliminate spam with
the Mailbox-Sentry-Program. See the thread
MSP (v2) on comp.mail.misc for the scripts and docs.

On Wed, 30 Jul 2003 16:24:15 GMT, Alan Connor <(E-Mail Removed)> wrote:
>
>
>
>
>
> Mock RFC:
>
> -----------------------------------------------------------------------------
>
>
>
> RFC 0000 ( RFC0000 )
>
> Network Working Group J. Spamsucks
> Request for Comments: 0000 University of Washington
> Category: Standards Track January 2004
>
>
>
> 1. Abstract
>
> This memo defines the syntax and use of the X-CR mail header,
> the adoption of which has been necessitated by the geometrically
> increasing usage of Challenge-Response ( C-R ) mail systems.
>
>
> 2. Introduction
>
>
> Due to the increasing intolerance to spam, which has required the wide-
> spread adoption of C-R mail system, which experience has shown are the
> only effective spam-blocking systems, it has become necessary to define
> a mail header that will allow large businesses, large non-commercial
> organizations, and government to deal with C-R systems in an efficient
> manner.
>
> Fortunately, this is, basically, childsplay.
>
>
>
> 3. Usage
>
> When the mail processing software detects the X-CR: ... mail header,
> it reads the arguments to the header, and then prepends the last 4
> digits of the unique number that the the first relevant argument refers
> to, to the Subject: header of the auto-response. (or any response).
>
>
> Note: The option exists to use these 4 unique digits as an argument to
> another X- header rather than the Subject: header.
>
>
>
>
> the arguments to the header include, but are not restricted to:
>
>
> Syntax of the arguments:
>
>
> X-CR:acct/mem/card/passwd/trans/id
>
>
> Definitions of the arguments:
>
>
> acct the account number of the client or member
>
> mem the membership number
>
> card the card (library, credit etc.)
>
> passwd the person's password (of special relevance to websites)
>
> trans a unique transaction number (receipt, invoice, etc.)
>
> id an indidual's employee number or the like.
>
>
>
>
> 4. Conclusion
>
> The number used in the reply to a mail with the X-CR header must meet the
> following conditions:
>
> 1) It must not be available in any public documents.
>
>
> 2) It must be unique to the individual whose mail contains the header.
>
>
> 3) It must be unique to the business or organization or government agency
> that issues it. (allowing its misuse by spammers and harassers to point
> specifically to a security breach at an easily identifiable location.)
>
>
> ------------------------------------------------------------------------------
>


Alan you dummy!


You forgot to note that the business/org/government-agency must include its
name in the X-Org header so that can be matched with the X-CR header by the
client using a C-R program.




After all, there are only 9999 possible 4 digit numbers and even with
upper and lower case letters and other symbols, some crazed spammer is
likely to actually send out 10,000 emails to a single address...

So let's just prevent that sort of nightmare from happenning.


THINK before you post!


xxxxxx


--

For Linux/Bash users: Eliminate spam with
the Mailbox-Sentry-Program. See the thread
MSP (v2) on comp.mail.misc for the scripts and docs.

I would like to add to that that the first email router that sees the
message check with the listed source server and not send the email on prior
to getting a confirmation from the supposed origin. That confirmation would
check that they do have an email account on their server and that the
message did come through them. The first router would then add a source
confirmation to the message similar in details to what you have proposed
here, and that would be checked by subsequent routers and forwarded only if
information matched.

Also, if the message has confusing or badly formed header information
anywhere along the line that it be derailed into a bit bucket by any email
router in the chain.

This eliminates clogging of the pipeline with bad messages and cuts
everyone's costs.
John


"Alan Connor" <(E-Mail Removed)> wrote in message
news:PiSVa.62$(E-Mail Removed) et...
>
>
>
> Mock RFC:
>
> --------------------------------------------------------------------------
---
>
>
>
> RFC 0000 ( RFC0000 )
>
> Network Working Group J. Spamsucks
> Request for Comments: 0000 University of Washington
> Category: Standards Track January 2004
>
>
>
> 1. Abstract
>
> This memo defines the syntax and use of the X-CR mail header,
> the adoption of which has been necessitated by the geometrically
> increasing usage of Challenge-Response ( C-R ) mail systems.
>
>
> 2. Introduction
>
>
> Due to the increasing intolerance to spam, which has required the wide-
> spread adoption of C-R mail system, which experience has shown are the
> only effective spam-blocking systems, it has become necessary to define
> a mail header that will allow large businesses, large non-commercial
> organizations, and government to deal with C-R systems in an efficient
> manner.
>
> Fortunately, this is, basically, childsplay.
>
>
>
> 3. Usage
>
> When the mail processing software detects the X-CR: ... mail header,
> it reads the arguments to the header, and then prepends the last 4
> digits of the unique number that the the first relevant argument refers
> to, to the Subject: header of the auto-response. (or any response).
>
>
> Note: The option exists to use these 4 unique digits as an argument to
> another X- header rather than the Subject: header.
>
>
>
>
> the arguments to the header include, but are not restricted to:
>
>
> Syntax of the arguments:
>
>
> X-CR:acct/mem/card/passwd/trans/id
>
>
> Definitions of the arguments:
>
>
> acct the account number of the client or member
>
> mem the membership number
>
> card the card (library, credit etc.)
>
> passwd the person's password (of special relevance to websites)
>
> trans a unique transaction number (receipt, invoice, etc.)
>
> id an indidual's employee number or the like.
>
>
>
>
> 4. Conclusion
>
> The number used in the reply to a mail with the X-CR header must meet
the
> following conditions:
>
> 1) It must not be available in any public documents.
>
>
> 2) It must be unique to the individual whose mail contains the header.
>
>
> 3) It must be unique to the business or organization or government
agency
> that issues it. (allowing its misuse by spammers and harassers to
point
> specifically to a security breach at an easily identifiable
location.)
>
>
> --------------------------------------------------------------------------
----
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> --
>
> For Linux/Bash users: Eliminate spam with
> the Mailbox-Sentry-Program. See the thread
> MSP (v2) on comp.mail.misc for the scripts and docs.
>