LSTOWN-L Archives

LISTSERV List Owners' Forum

Stan Ryckman <[log in to unmask]>
Wed, 18 Dec 1996 03:31:58 -0500
At 07:33 PM 12/17/96 +0000, Shahrukh Merchant wrote:
>Hello fellow listowners,
>
>I have a problem (in 3 parts) with an allegedly forged posting.  One of
>the list members (the list is self-moderated) alleges that a posting
>sent with his e-mail address was not sent by him, and is all upset about
>it.
>
>Part 1: Technical
>
>Both he and I are subscribed as DIGEST, and there are no notebooks for
>this list.  Furthermore, default options include SHORTHDR, so it is
>unlikely that *anyone* is subscribed as FULLHDR (yes, I suppose I could
>find out by doing a query on *@*).  At any rate, the question is: Is
>there any kind of log stored on the server for a few days that would let
>me retrieve (with postmaster's assistance, if necessary) the full
>headers for a particular message, to help in the analysis of where that
>message actually came from?
 
To my knowledge, no, but you might consider (as listowner) going FULLHDR.
I will point out that if you're FULLHDR on this list, you'll note that
this post does not originate from where From: points to -- I'm posting
from one account, forging as if from another.  Both are mine, however,
and I do it all the time.  (The "Received:" headers should reveal this
as originating from ultranet.com rather than tiac.net.  Currently, I
forward messages from tiac to ultranet, and answer them from ultranet.
Why?  Don't ask unless you really want a dumb-sounding answer :-)
 
May I ask why you have SHORTHDR as a default?  Do you perceive some
advantage?  I haven't used it--but maybe the "Received:" headers
come through anyway?
 
>
>Part 2: Policy
>
>Assuming the perpetrator can be found, what action, if any, should be
>taken against him or her?  Some more info:
>(a) The list rules do not explicitly state "do not forge someone else's
>address"; however, there is enough latitude in the "generalities" of the
>rules to take any appropriate action;
 
It also clearly violates common sense for people to think they should
do this and get away with it.  But see below, where *I* do this (but with
consent of the forged.)
 
>(b) There is no rule against anonymous postings--somewhat different, I
>realize; in fact, many users have pseudonyms, and this is well accepted
>(as long as it isn't used as a cloak for nastiness, which it rarely is);
 
(irrelevant?)
 
>(c) There was nothing IMHO particularly damaging in the article, i.e., I
>think it was done more as a prank than as a serious attempt to discredit
>the person;
 
(irrelevant?)
 
>(d) Notwithstanding (c), it was a cleverly done prank, in that there was
>nothing obvious in the message that might indicate that it was forged,
>i.e., the intent clearly seemed to be to deceive or to cause mischief
>(forcing the person whose name was forged to claim that it was not he
>who wrote it--there was just enough in the message that he might well
>want to disclaim authorship).
 
(irrelevant?)
 
>So, what would *you* do in a case like that?  Warn the perpetrator?
>Remove him summarily and filter him out?  Is this an extreme breach of
>Internet conduct deserving the most extreme treatment or a childish
>prank deserving a mild reprimand, or something in between?
 
On my list, he'd be off (if I could identify him) unless he apologized
to the victim *and* the victim accepted it.  Not even two strikes here.
But *ONLY* if I could verify that the forgery occurred.
 
>
>Part 3: Psychological
>
>I must admit that my natural tendency to side with the wronged (and I
>have no reason to suspect that he might be bluffing), is tempered
>somewhat by the unnecessarily strident and self-righteous tone of the
>note he sent me:
>
>> ...We need to track down the person posting this. I haven't decided
>> yet what to do about it, but I intend to consult an attorney.
>> I do not hold you responsible for this. I do insist that you help
>> prevent such behavior in the future.
>
>If "attorney" were deleted (is he trying to pressure *me* with the
>A-word?!) and "insist" changed to "request" (along with the general
>tone), then I'd feel more motivated to be sympathetic.  As it is, I'm
>inclined to say, "If absolute prevention of forgeries is what you want,
>you'd better unsubscribe until the Internet comes up with a completely
>secure authenticated e-mail infrastructure that becomes universally
>adopted."
 
If you charge money for your list, I can't help you.  If you don't,
then set it so that subscription requires a confirm, and so that only
subscribers can post, and then tell the person:
        I cannot prevent e-mail forgeries pretending to be from you if
        you are signed up to this list.  You can avoid this problem
        by unsubscribing from this list, in which case posts from
        you (and purporting to be from you) will be rejected.
 
They don't even have to unsub, actually--you can set them to NOPOST
(I think that's the term), so they could still subscribe and read it all,
but no posts from them (real or forged) would get through.
 
I'm no lawyer, but if your list is free, then I think you have no
obligation to any of the participants to provide a service.
 
>Should I be more sympathetic and swallow my pride on this one, or is
>*he* a troublemaker too, and should I not encourage his
>self-righteousness?
 
Hard to tell from here.  He could have even posted something and then
decided he didn't want to admit to it for all I know.
 
>
>Shahrukh
>--
>Shahrukh Merchant
 
 
BTW, I often "forge" posts to my own mailing list on behalf of the
participants.  But it's always with their implied consent.  The list is
set to "Reply-To= List,Respect" which puts the default reply to discussions
of game shows back to the list.  However, we also play games, and the moves
need to be sent to the sender, not the list!, and many people have dumb
mailers which don't support "Reply-To" -- hence they send me the game, and
I post it with the appropriate Reply-To: set, forging it as if "from" them.
I also stick a one-liner in the body saying I did this.
 
Forgery has its place, but deception is not why it should be used.
 
Eric probably isn't reading this, but it would be nice if people with stupid
mailers could put:
 
Reply-To: [log in to unmask]
 
as the first line of the message body, and have LISTSERV treat this as a
"Reply-To:" header.  I would then not need to forge emails on behalf of
people lacking the capability to set "Reply-To:", since they could
then post and insert this themselves.
 
Sort of like the way DejaNews implements the "X-No-Archive: yes" thing...
if your mailer handles it, stick it in the headers; if not, you can put it
as the first line of the body.  (Note: I disagree with DejaNews' philosophy
of "we're going to archive it unless you tell us not to", but that's off-
topic here...)
 
Cheers,
Stan Ryckman ([log in to unmask])
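
The check described in the reply to Part 1 (reading the "Received:" headers of a full-header copy to see whether a post entered the list from the domain its From: line names), as an added example that is not part of the original post. The sample message, the host names and the `listserv.example.org` list server are constructed, and `check_origin` and `org_domain` are hypothetical helper names.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: host names and addresses are made up for illustration.
SAMPLE = """\
Received: from listserv.example.org (listserv.example.org [192.0.2.10])
\tby mx.example.net with ESMTP; Wed, 18 Dec 1996 03:32:10 -0500
Received: from host1.ultranet.com (host1.ultranet.com [192.0.2.55])
\tby listserv.example.org with SMTP; Wed, 18 Dec 1996 03:32:01 -0500
From: Poster <poster@tiac.net>
To: SOME-L@listserv.example.org
Subject: sample post

body
"""

# "from <helo> (<rdns> [ip]) by <server>": helo is whatever the client claimed,
# the parenthetical is what the receiving server itself observed.
HOP_RE = re.compile(
    r"from\s+(?P<helo>\S+)(?:\s+\((?P<rdns>[^\s\[\)]+)?[^)]*\))?\s+by\s+(?P<by>\S+)",
    re.I)

def org_domain(host):
    # Simplification: keep the last two labels (no Public Suffix List lookup).
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def check_origin(raw_message, trusted_by):
    """Compare the From: domain with the peer recorded by a hop we trust.

    Only the Received: line written by `trusted_by` (a server we run) is used;
    anything older could have been supplied by the sender.
    """
    msg = message_from_string(raw_message)
    address = parseaddr(msg.get("From", ""))[1]
    from_domain = org_domain(address.rpartition("@")[2])
    for raw in msg.get_all("Received", []):
        m = HOP_RE.search(" ".join(raw.split()))  # unfold continuation lines
        if m and m.group("by").lower() == trusted_by.lower():
            peer = m.group("rdns") or m.group("helo")  # helo only as fallback
            origin = org_domain(peer)
            return {"from_domain": from_domain, "origin_domain": origin,
                    "mismatch": origin != from_domain}
    return None  # no Received: line from the trusted server in this copy

if __name__ == "__main__":
    print(check_origin(SAMPLE, "listserv.example.org"))
```

A mismatch is a lead for the list owner to follow up, not proof of forgery: a poster who legitimately sends from one account with the address of another produces the same result.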
