[rfc-i] A wild thought, RE: Valid email addresses [last call "On Authors, Contributors, Editors, and overload."]
dhc at dcrocker.net
Wed Jan 11 07:11:44 PST 2012
Ross, et al,
On 1/10/2012 1:55 PM, Ross Callon wrote:
> Would it be feasible to give a similar address to RFC authors (such as
> person at author.ietf.org)?
I assume that your reason for suggesting this is to permit a stable contact
address in RFCs? If not, what is the value you intend?
Since a mechanism like this would have substantial costs to develop and operate,
just how significant a problem do we currently have? In theory, it ought to be
substantial, since people do move around. In practice, I haven't noticed any
comment about this over the years.
> One reason that I have been reluctant to use my alumni address as my email
> address in an RFC is that this might invite spam -- the alumni address is
> forever, and I am concerned that over the years the amount of spam going to a
> particular address might grow well beyond the already insane amount that my
> current employer-based email address has accumulated. At a minimum this might
> therefore require both rather large email forwarding servers and also pretty
> good anti-spam filters on the servers.
The issue is much worse than simply having to satisfy demanding IETF
participants who would own these 'role' addresses.
This service would forward to actual mailboxes. To the extent that multiple
IETF folk register the same service for their mailbox -- such as yahoo,
microsoft, google, or the like -- or to the extent that the operators of
different services use the same anti-spam third-party service, mail from the
IETF will likely get blacklisted.
No matter how good the IETF's anti-spam filtering is, it will be a very long way
from perfect. An aggregation of traffic that is forwarded by the IETF will
therefore be (correctly) assessed as a significant source of spam.
(This scenario is one reason I find it counter-productive for folk in the
anti-abuse business to make the increasingly-popular claim that spam is a solved
Anyhow, the point is that operating an email relaying service really is quite a
bit of effort, even with automation of the mailbox registration (and the
security mechanisms surrounding it, such as lost passwords...)
So, again, just how significant is the problem that this service would remedy?
Is it worth spending, say, US$ 1M per year?
More information about the rfc-interest