Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Administrivia (was: RE: Re: Microsoft Security, baby steps ? )
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Fri, 19 Mar 2004 11:40:09 +1300

John.Airey () rnib org uk wrote:

And please guys, stop cc'ing me. I'm on the list and have been almost
since it started!


First, it is actually _rude_ to CC responses to messages from "self-
moderating" lists (such as Full-Disclosure) to the poster and the list 
because, by definition, the poster is on the list and will see your 

Aside from the rudeness/annoyance value of receiving two copies of such 
messages, however, in the case of Full-Disclosure the original poster 
will likely receive four to twenty copies of your message.  This occurs 
because there are some really braindead Email gateways/relays/content 
scanners out there that "lose" the SMTP envelope addressing information 
while processing messages (or simply, and very wrongly, decide to 
supplement such with further addresses from the RFC [2]822 header in 
the message body) and thereby send "extra" copies back to the sender 
and/or the list address.  At its worst, this can result in a nasty 
little cycling loop (until, I think, the F-D server simply drops the 
next iteration because it has too many Received: headers), but even at 
its best, the several such braindead/misconfigured servers actively 
processing mail for several soemones on this list will shower the 
original poster (_NOT_ the person posting the response) with their 
unneccessary extra copies.

So, please do _NOT_ CC your list responses to the OP (if you really, 
really believe the OP will read your comments twice, consider BCC'ing 
them, rather than CC'ing).

Also, when sending messages to multiple lists (say F-D and Bugtraq), it 
seems you may slightly reduce the multiple message spew that often 
results on F-D because of the above by putting all the addresses in the 
To: header, rather than one in the To: and the other(s) in CC:.


Nick FitzGerald

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]