LISTSERV - LSTOWN-L Archives - COMMUNITY.EMAILOGY.COM

LSTOWN-L Archives

LISTSERV List Owners' Forum

LSTOWN-L

	LISTSERV Archives
	LSTOWN-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Topic:	[<< First] [< Prev] [Next >] [Last >>]

Fuzzy domain matching

Eric Thomas <[log in to unmask]>

Mon, 17 Jun 1996 18:55:07 +0200

text/plain (58 lines)

Many people have  requested a feature that would allow  the list owner to
tell LISTSERV that [log in to unmask] and [log in to unmask] are really the
same person and that the different mailboxes  are only due to the lack of
foresight or competence  of the people running the mail  systems. I would
like to collect  more detailed feedback on this proposed  feature, and in
particular, I would like  to make it clear that we  are talking about the
same thing.
 
Whether this is convenient  or not, it is a fact  that there are zillions
of host pairs  for which [log in to unmask] and  [log in to unmask] are NOT
the same person. Setting aside obvious cases like the 'root' account, you
have:
 
1. Sites that are simply organized this way.
 
2. Sites in countries where organizations are registered as a third level
   domain. For  instance, [log in to unmask]  is very  unlikely to  be the
   same  person as  [log in to unmask]  because these  are two  completely
   different universities.
 
So I want to  make it clear that L-Soft will  not implement anything that
would assume  that these two addresses  belong to the same  person in the
sense  that they  would  be treated  as a  single  subscription (much  as
ERIC@SEARN and [log in to unmask] are considered  to be the same address
and either can, say, change the  subscription options of the other). This
would make  LISTSERV totally unusable for  thousands of users and  open a
gaping security hole  that we simply cannot accept. Note  that you cannot
have a table of  domains indicating whether you need 2  or 3 common terms
as  many domains  have mixed  conventions. For  instance, the  .SE domain
registers most organizations directly under .SE, but there is a subdomain
called  PP.SE  for  individuals  who  want their  own  domain.  They  are
guaranteed to all have account names like 'anna' or 'mats' and NOT be the
same person  as the  200 other  'anna' or 'mats'  with their  own domain.
Similarly,  each   "region"  has  a   domain  under  which   its  various
bureaucratic components can  be registered, and they  are also guaranteed
to be different people. So, it is not just PP.SE and there is no easy and
simple rule to know  how far down to go. This is a  very big kludge and I
am only discussing it because so many people have requested it.
 
What we  COULD do is  add an option for  "Send= Private" lists  that says
that   if   [log in to unmask]   is   subscribed   to   the   list,   then
[log in to unmask] may also post to it,  even though it is understood that
she may not be  the same person. This would not be a  security hole as it
would just  be the list owner  defining a different policy  for accepting
postings; the  policy could always be  revoked if it became  necessary to
prevent the other Anna from posting.
 
Now what  I would  like to make  sure that we  all understand,  before we
start casting  votes, is  that this  means postings  will work  even with
broken software, but  SIGNOFF, SET and the like will  not. The new option
will only  affect *postings* and  the subscribers  will still be  just as
much  as a  pain (and  possibly more  - they  will insist  that it  works
"sometimes") when they need to change their options. The question is then
whether this is  worth the effort. Remember, the time  spent writing this
kludge will not be spent implementing another feature.
 
  Eric

ATOM RSS1 RSS2

COMMUNITY.EMAILOGY.COM