XPost: alt.windows7.general

Hello all,

I was just going thru "krebs on security" and found an article about "The Security Pros and Cons of Using Email Aliases" ( https://krebsonsecurity.com/2022/08/the-security-pros-and-cons-of-using-email-aliases/#more-60800 )
.

I remember having read something similar somewhere, and never understood it. Assuming that I use the email alias myname+somecompany@myhost.com what stops anyone / a bad actor from removing the "+somecompany" part (to get to the
main email address) ?

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

On 8/23/2022 10:59 AM, R.Wieser wrote:

Hello all,

I was just going thru "krebs on security" and found an article about "The Security Pros and Cons of Using Email Aliases" ( https://krebsonsecurity.com/2022/08/the-security-pros-and-cons-of-using-email-aliases/#more-60800 )
.

I remember having read something similar somewhere, and never understood it. Assuming that I use the email alias myname+somecompany@myhost.com what stops anyone / a bad actor from removing the "+somecompany" part (to get to the main email address) ?

Regards,
Rudy Wieser

That could indeed be a problem unless there is no such E-mail address as <myname@myhost.com>. A good alias would have the local-part (the part
to the left of the @) avoid anything representing a real address. Thus,
if there really is such an E-mail address as <myname@myhost.com> but not
such as <hisname@myhost.com>, then a good alias would be <hisname+somecompany@myhost.com>.

I never use an alias. The ISP that hosts my E-mail has a tool on its
mail server that allows me to create new addresses. For an existing
address, that tool allows me to disable it without deleting it or to
block incoming E-mail to it without blocking outgoing E-mail from it.

--
David E. Ross
<http://www.rossde.com/>

Beyond Meat and other such vegetarian meat substitutes
represent the ultimate in ultra-processed foods. Real
meat is natural. Beyond Meat is definitely not.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

David,

if there really is such an E-mail address as <myname@myhost.com> but
not such as <hisname@myhost.com>, then a good alias would be <hisname+somecompany@myhost.com>.

Thats what I was thinking of too, but than isn't the alias not simply "hisname+somecompany" in its whole ? I mean neither "hisname" nor "somecompany" can be used on its own (as the "username").

Personally I have a few aliases made up outof an alphanumeric (random)
string, a dot and than some readable part. I do not consider that
connecting dot to be special either. I could just leave it out.

IOW, I don't understand the fuzz about that "+" character.

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

David (others),

After some pondering I think the below is how such an "+" email address is
used :

1) The email adress hisname+somecompany@myhost.com is used and send to the domain.

2) The domain applies the filter hisname+*@myhost.com and finds a match, resulting in the message being put into the myname@myhost.com email box.

3) Depending on the user his email reader applies its own filter(s) so that hisname+somecompany@myhost.com and hisname+someothercompany@myhost.com get sorted into their own, local folders.

In other words, the hisname+*@myhost.com addres becomes the users equivalent
of a domains "catch all" address. With the same problems.

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

"R.Wieser" <address@not.available> wrote in message news:te4fsi$1g06$1@gioia.aioe.org...

| In other words, the hisname+*@myhost.com addres becomes the users
equivalent
| of a domains "catch all" address. With the same problems.
|

It reads to me as just ninny advice for people who
don't deal with details. So they have a formula.
rudy+etsy#gmail. rudy+amazon@gmail. If the email
account doesn't even need to work then no one's
going to be hacking it. And no humans will see it, anyway.

But what's with +? He seems to be saying that POP3
or IMAP won't count what comes after, so rudy+amazon@gmail
will automatically go to rudy@gmail? Since when? Is
that an official SMTP rule? Or is it just gmail? And as you
say, if that's true then it's not really a different address.
And if you're going to want to receive that email anyway,
why do it? If I get email from amazon I'll just make a rule
to delete it based on sender.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

Mayayana,

| In other words, the hisname+*@myhost.com addres becomes the
| users equivalent of a domains "catch all" address. With
|the same problems.

It reads to me as just ninny advice for people who
don't deal with details.

Who's advice ? In the above you've quoted me, but somehow I think you're talking about/to David.

But what's with +? He seems to be saying that POP3
or IMAP won't count what comes after, so rudy+amazon@gmail
will automatically go to rudy@gmail?

That was what I had problems with too, and asked about. If so it would be downright stupid.

But as I currenly only have some "best guesses" about that I can't answer
you with any kind of authority there I'm afraid.

Since when? Is that an official SMTP rule?

I have no idea. I can't even remember having ever come across anything
talking about it.

And if you're going to want to receive that email anyway,
why do it?

The problem is not receiving a message from some company, but to keep all others (spammers) out.

IOW, you do not /just/ put the companies name in there - it would be too
easy to guess for someone else - but at least add a "magic number" to it, so you can recognise its from the company you gave the email address to.

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

On 8/24/2022 11:05 AM, David E. Ross wrote:

On 8/23/2022 11:18 PM, R.Wieser wrote:

David (others),

After some pondering I think the below is how such an "+" email address is >> used :

1) The email adress hisname+somecompany@myhost.com is used and send to the >> domain.

2) The domain applies the filter hisname+*@myhost.com and finds a match,
resulting in the message being put into the myname@myhost.com email box.

3) Depending on the user his email reader applies its own filter(s) so that >> hisname+somecompany@myhost.com and hisname+someothercompany@myhost.com get >> sorted into their own, local folders.

In other words, the hisname+*@myhost.com addres becomes the users equivalent >> of a domains "catch all" address. With the same problems.

Regards,
Rudy Wieser

Neither RFC 5322 nor RFC 6854 provide what you decribe. Therefore, what
you describe is not conventional; and E-mail servers do not necessarily
do that.

Instead, it is possible that some servers allow filters to do what you describe. I believe that cPanel (used by my E-mail host) would allow me
to setup such a filter on the host's server. However, that filter would apply only to my domain and not to the entire server.

Gmail Plus Address

So what is a Gmail Plus address? Say you have an email address like billgates@gmail.com. If you append a “plus” sign to your email username, Gmail will ignore anything written between the + and @ sign in the email address and still deliver the message to the same mailbox.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

On 8/23/2022 11:18 PM, R.Wieser wrote:

David (others),

After some pondering I think the below is how such an "+" email address is used :

1) The email adress hisname+somecompany@myhost.com is used and send to the domain.

2) The domain applies the filter hisname+*@myhost.com and finds a match, resulting in the message being put into the myname@myhost.com email box.

3) Depending on the user his email reader applies its own filter(s) so that hisname+somecompany@myhost.com and hisname+someothercompany@myhost.com get sorted into their own, local folders.

In other words, the hisname+*@myhost.com addres becomes the users equivalent of a domains "catch all" address. With the same problems.

Regards,
Rudy Wieser

Neither RFC 5322 nor RFC 6854 provide what you decribe. Therefore, what
you describe is not conventional; and E-mail servers do not necessarily
do that.

Instead, it is possible that some servers allow filters to do what you describe. I believe that cPanel (used by my E-mail host) would allow me
to setup such a filter on the host's server. However, that filter would
apply only to my domain and not to the entire server.

--
David E. Ross
<http://www.rossde.com/>

Beyond Meat and other such vegetarian meat substitutes
represent the ultimate in ultra-processed foods. Real
meat is natural. Beyond Meat is definitely not.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

R.Wieser <address@not.available> wrote:

Hello all,

I was just going thru "krebs on security" and found an article about "The Security Pros and Cons of Using Email Aliases" ( https://krebsonsecurity.com/2022/08/the-security-pros-and-cons-of-using-email-aliases/#more-60800 )
.

I remember having read something similar somewhere, and never understood it. Assuming that I use the email alias myname+somecompany@myhost.com what stops anyone / a bad actor from removing the "+somecompany" part (to get to the main email address) ?

Nothing. Plus addressing is not meant to protect the main email
address. It's meant to be used for filtering incoming mail. They are not
email aliases, but alternatives for email aliases.

For example, several Usenet posters use plus-addresses like <username>+usenet@<MSP> (where <MSP> is their Mail Service Provider) in
their 'From:' lines, to easily filter emailed responses to their posts.

I did a simple search on "what does a plus in an email address mean"
and think that this document explains it quite well:

<https://www.fastmail.help/hc/en-us/articles/360060591053-Plus-addressing-and-subdomain-addressing>

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

Zaidy,

Gmail will ignore anything written between the + and @ sign in the email address and still deliver the message to the same mailbox.

Assuming the "to:" field than still contains the origional "to" that would leave it upto the users email client to filter out the messages that he's interrested in (having the correct phrase between the "+" and "@") and
discard the rest. Yep, that could work.

Just never use it on a postbox on which the base email address (without a
"+" phrase) is also used.

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

Frank,

Plus addressing is not meant to protect the main email address.
It's meant to be used for filtering incoming mail. They are not
email aliases, but alternatives for email aliases.

Thats the problem : The idea is to create an identifiable email address. But
a bad player could just cut the "+" phrase outof it and start to spam the resulting email address. No way to figure out who the company was which
"+" phrase was removed.

IOW, it /sounds/ like a good thing, but, in the situation you describe, the user has to be rather carefull with it. Probably not use the base email address for anything, and throw anything addressed to it away.



"For example, suppose you gave someone the address
username+hiking@domain.tld. Any messages sent to this address will be
delivered to username@domain.tld,"

Thats the whole problem in a nutshell. Someone over at fastmail did not
think about the nuissance implications of that. :-(

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

David,

Neither RFC 5322 nor RFC 6854 provide what you decribe.

Worse, I can't google/DDG/brave any info about it either. :-\

Therefore, what you describe is not conventional; and E-mail servers do
not necessarily do that.

Instead, it is possible that some servers allow filters to do what
you describe.

Agreed to both.

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

"Zaidy036" <Eric@Bloch.com> wrote

| Gmail Plus Address
|
| So what is a Gmail Plus address? Say you have an email address like
| billgates@gmail.com. If you append a “plus” sign to your email
username,
| Gmail will ignore anything written between the + and @ sign in the email
| address and still deliver the message to the same mailbox.

So this whole thing is about gmail nonsense? Yet
Kreps never mentioned that it was only relevant for gmail.
And this guy is a security expert? He sounds like a hen
living in a foxhouse.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

Mayayana,

Yes, I'm talking about the article.

So no, you where not talking to me not David, but about the "Krebs on
Security" article I posted a link to.

It assumes that people can't be bothered to come up with
email names.

All I see is a way to make up an email address when needed - without having
to go thru the email hosts hoops to create one - and do the nitty-gritty
(the filtering) when at home - without, again, having to bother the email
host.

| > Since when? Is that an official SMTP rule?
|
| I have no idea. I can't even remember having ever come across
| anything | talking about it.
|
Odd. If you don't know.... :)

Why ? I know that its offered, but can't find any kind of specifics about it.

The article seems to make no sense otherwise, because
there would be no way email for rudy+amazon would ever
be sent to rudy.

Ah, you assume I only think about problems that turn up at my doorstep. :-)

Not quite. Sometimes I get caught by some percieved(?) problem with
something, and want to know more about it. Just to know what I should
decide if its ever offered to me.

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

"R.Wieser" <address@not.available> wrote

| > It reads to me as just ninny advice for people who
| > don't deal with details.
|
| Who's advice ? In the above you've quoted me, but somehow I think you're
| talking about/to David.
|
Yes, I'm talking about the article. It assumes that people
can't be bothered to come up with email names.

| > But what's with +? He seems to be saying that POP3
| > or IMAP won't count what comes after, so rudy+amazon@gmail
| > will automatically go to rudy@gmail?
|
| That was what I had problems with too, and asked about. If so it would
be
| downright stupid.
|
| But as I currenly only have some "best guesses" about that I can't answer
| you with any kind of authority there I'm afraid.
|
| > Since when? Is that an official SMTP rule?
|
| I have no idea. I can't even remember having ever come across anything
| talking about it.
|
Odd. If you don't know.... :)
The article seems to make no sense otherwise, because
there would be no way email for rudy+amazon would ever
be sent to rudy.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

Mayayana <mayayana@invalid.nospam> wrote:

"Zaidy036" <Eric@Bloch.com> wrote

| Gmail Plus Address
|
| So what is a Gmail Plus address? Say you have an email address like
| billgates@gmail.com. If you append a ???plus??? sign to your email username,
| Gmail will ignore anything written between the + and @ sign in the email
| address and still deliver the message to the same mailbox.

So this whole thing is about gmail nonsense? Yet
Kreps never mentioned that it was only relevant for gmail.
And this guy is a security expert? He sounds like a hen
living in a foxhouse.

Easy does it! Again loudmouthing/insulting about stuff you don't
understand (and no, the question marks don't get you of the hook).

Sorry to rain on your parade, but this is *not* "gmail nonsense".

Gmail (apparently, taking Eric's word for it) handles plus-addressing
in a non-destructive way. Good on Gmail! FYI, my main MSP just fscks up.
:-(

FWIW, AFAIK plus-addressing is a de jure or de facto standard. (Can't
be bothered to try to find it. Not my problem/question.) People use it
and for good reasons. Get over it.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

Frank,

It's not a "problem" and it *is* "a good thing",

Nope, not by long shot.

it's just not meant to provide protection against spam.

It should also not be ment as an open invitation to a bad actor. Which, in
the form you are describing it, it definitily is.

So thank you, but you've made clear that if its implemented that way its absolute garbage and I would not touch it with a 10 foot pole.

Nope. For MSPs who handle plus-addressing - i.e. in this case
Fastmail - the mail will *not* be delivered to username@domain.tld's
*Inbox*, but to the *folder* 'hiking'. That's the whole point of plus-addressing.

So, you first need to set up the correct folders on the email hosts machine, and only than you can give out a "+ address that refers to it ? Thats bullshit. It would make the whole thing absolutily *zero* better than
creating a standard email alias.

But, maybe I misunderstood what you said there. In that case, please do explain a bit more.

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

R.Wieser <address@not.available> wrote:

Frank,

Plus addressing is not meant to protect the main email address.
It's meant to be used for filtering incoming mail. They are not
email aliases, but alternatives for email aliases.

Thats the problem : The idea is to create an identifiable email address. But a bad player could just cut the "+" phrase outof it and start to spam the resulting email address. No way to figure out who the company was which
"+" phrase was removed.

IOW, it /sounds/ like a good thing, but, in the situation you describe, the user has to be rather carefull with it. Probably not use the base email address for anything, and throw anything addressed to it away.

It's not a "problem" and it *is* "a good thing", it's just not meant to provide protection against spam.

It also sucks at mowing your lawn. Sorry about that.

Moral: Use it or don't use it. Don't misuse/abuse it.

"For example, suppose you gave someone the address username+hiking@domain.tld. Any messages sent to this address will be delivered to username@domain.tld,"

Thats the whole problem in a nutshell. Someone over at fastmail did not think about the nuissance implications of that. :-(

Nope. For MSPs who handle plus-addressing - i.e. in this case
Fastmail - the mail will *not* be delivered to username@domain.tld's
*Inbox*, but to the *folder* 'hiking'. That's the whole point of plus-addressing.

(Zaidy036 mentioned that Gmail apparently ignores the +<tag> part and
just delivers the message anyway, which AFAIK is the correct way to do
it. It doesn't say if the +<tag> part is preserved in the 'To/Cc' header
of the received message, so it's unknown if the tag can be used for
filtering. Yes, I could test that, but I won't.)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

On 8/24/2022 2:17 PM, Frank Slootweg wrote:

R.Wieser <address@not.available> wrote:

Frank,

Plus addressing is not meant to protect the main email address.
It's meant to be used for filtering incoming mail. They are not
email aliases, but alternatives for email aliases.

Thats the problem : The idea is to create an identifiable email address. But >> a bad player could just cut the "+" phrase outof it and start to spam the
resulting email address. No way to figure out who the company was which
"+" phrase was removed.

IOW, it /sounds/ like a good thing, but, in the situation you describe, the >> user has to be rather carefull with it. Probably not use the base email
address for anything, and throw anything addressed to it away.

It's not a "problem" and it *is* "a good thing", it's just not meant to provide protection against spam.

It also sucks at mowing your lawn. Sorry about that.

Moral: Use it or don't use it. Don't misuse/abuse it.

"For example, suppose you gave someone the address
username+hiking@domain.tld. Any messages sent to this address will be
delivered to username@domain.tld,"

Thats the whole problem in a nutshell. Someone over at fastmail did not
think about the nuissance implications of that. :-(

Nope. For MSPs who handle plus-addressing - i.e. in this case
Fastmail - the mail will *not* be delivered to username@domain.tld's
*Inbox*, but to the *folder* 'hiking'. That's the whole point of plus-addressing.

(Zaidy036 mentioned that Gmail apparently ignores the +<tag> part and
just delivers the message anyway, which AFAIK is the correct way to do
it. It doesn't say if the +<tag> part is preserved in the 'To/Cc' header
of the received message, so it's unknown if the tag can be used for filtering. Yes, I could test that, but I won't.)

yes the +.... is preserved for filtering by GMail

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

"R.Wieser" <address@not.available> wrote

| Ah, you assume I only think about problems that turn up at my doorstep.
:-)
|
| Not quite. Sometimes I get caught by some percieved(?) problem with
| something, and want to know more about it. Just to know what I should
| decide if its ever offered to me.
|
My apologies, Rudy. I would never accuse you of not
making up problems. :)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

"Frank Slootweg" <this@ddress.is.invalid> wrote

| FWIW, AFAIK plus-addressing is a de jure or de facto standard. (Can't
| be bothered to try to find it. Not my problem/question.) People use it
| and for good reasons. Get over it.

You seem to be getting awfully cranky these days, Frank.
You take offense and accuse others of bad behavior
regularly.

Maybe I misunderstood. Zaidy said it's a gmail thing.
Others seem to say it's not part of smtp. According to
the RFC for SMTP that I found, anything from Chr 32 to 126
is usable, but \ is an escape character. On the other hand,
I've never seen spaces or any other non-alphanumeric used,
except for periods, underscores and dashes.

On one site I saw someone say that gmail does not allow
+ in an address because they use it for aliases! And apparently
many sites will reject it when checking an email address entered.
Of course, if + were universally used for aliases then it couldn't
be an acceptable character as part of addresses. But there's
nothing I can see in the RFC saying that + denotes an alias.
So apparently it's gmail nonsense. Interestingly,
the author of the SMTP RFC uses + in his email address!
Everyone's a comedian. :)

So I think I'll stick with my original conclusion. This whole
thing is gmail nonsense. There's no sane reason for
anyone else to actually make up an email address with + in it.
And as you said yourself, mail servers may choke on it.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

Zaid,

yes the +.... is preserved for filtering by GMail

That sounds quite logical, otherwise the whole reason for putting a "+" part
in the outgoing mail would be absent ...

Than again ... Its pretty-much what my previous ISP did : They allowed us
to set up an email alias, but than removed the alias from the delivered mail (replaced it with that of the target box). Luckily they realized that that wasn't a good idea(probably because of users asking them if they where
daft), and started to deliver the mail with the "to:" untouched. :-)

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

Mayayana,

| Not quite. Sometimes I get caught by some percieved(?) problem with
| something, and want to know more about it. Just to know what I
| should decide if its ever offered to me.

My apologies, Rudy. I would never accuse you of not
making up problems. :)

Thank you ! I knew you would understand.

On the other hand, you're probably yanking my chain, aren't you ? :-P

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

R.Wieser <address@not.available> wrote:

Frank,

It's not a "problem" and it *is* "a good thing",

Nope, not by long shot.

it's just not meant to provide protection against spam.

It should also not be ment as an open invitation to a bad actor. Which, in the form you are describing it, it definitily is.

Sigh! Read the above sentence again. It's *not meant to* prevent
actions from a bad actor, so it doesn't. Read my - snipped (sigh!) -
lawn mowing analogy.

For a bad actor, there's zero difference between an address with or
without a +<tag>.

So thank you, but you've made clear that if its implemented that way its absolute garbage and I would not touch it with a 10 foot pole.

That's what I suggested, but you also snipped.

Nope. For MSPs who handle plus-addressing - i.e. in this case
Fastmail - the mail will *not* be delivered to username@domain.tld's *Inbox*, but to the *folder* 'hiking'. That's the whole point of plus-addressing.

So, you first need to set up the correct folders on the email hosts machine, and only than you can give out a "+ address that refers to it ? Thats bullshit. It would make the whole thing absolutily *zero* better than creating a standard email alias.

Hmmm!? Did anyone say it was better? I don't think so. Someone said it
is an alternative, but that someone's comments get snipped and ignored.

BTW, I don't know if servers need folders to be set up beforehand.
Maybe it's automatic. Maybe it's not needed for POP.

But, maybe I misunderstood what you said there. In that case, please do explain a bit more.

Yes, you misunderstood most if not all of what I said. I re-explained
some more above. But I'm getting tired of it, especially because you're (silently) snipping my comments (and apparently not understanding them).

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

Zaidy036 <Eric@bloch.com> wrote:
[...]

(Zaidy036 mentioned that Gmail apparently ignores the +<tag> part and just delivers the message anyway, which AFAIK is the correct way to do
it. It doesn't say if the +<tag> part is preserved in the 'To/Cc' header
of the received message, so it's unknown if the tag can be used for filtering. Yes, I could test that, but I won't.)

yes the +.... is preserved for filtering by GMail

Thanks for the confirmation.

So Gmail indeed does the correct/sane thing.

You *do* realize that you've just ruined Mayayana's day, don't you!? :-)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

Mayayana <mayayana@invalid.nospam> wrote:

"Frank Slootweg" <this@ddress.is.invalid> wrote

| FWIW, AFAIK plus-addressing is a de jure or de facto standard. (Can't
| be bothered to try to find it. Not my problem/question.) People use it
| and for good reasons. Get over it.

You seem to be getting awfully cranky these days, Frank.

You seem to hold old grudges. 'These days' is probably months ago.

You take offense and accuse others of bad behavior
regularly.

Your - 'conveniently' snipped insult - *is* bad behaviour, no ifs or
buts about it. Can't do the time, ...

Maybe I misunderstood. Zaidy said it's a gmail thing.
Others seem to say it's not part of smtp.

SMTP doesn't have anything to do with it. It's a transport protocol,
it does define e-mail address formats.

According to
the RFC for SMTP that I found, anything from Chr 32 to 126
is usable, but \ is an escape character. On the other hand,
I've never seen spaces or any other non-alphanumeric used,
except for periods, underscores and dashes.

On one site I saw someone say that gmail does not allow
+ in an address because they use it for aliases!

As Zaidy/Eric mentioned, Gmail *does* allow it, they just *ignore* it
and put the message in the user's normal Inbox.

And apparently
many sites will reject it when checking an email address entered.

A sending server should accept it (my main MSP does), but a receiving
server might reject it (my main MSP does).

Of course, if + were universally used for aliases then it couldn't
be an acceptable character as part of addresses. But there's
nothing I can see in the RFC saying that + denotes an alias.

As I said before, it's not an alias, but an alternative for aliases,
but let's not quibble about not-quite-correct terminology.

So apparently it's gmail nonsense. nterestingly,
the author of the SMTP RFC uses + in his email address!
Everyone's a comedian. :)

So I think I'll stick with my original conclusion. This whole
thing is gmail nonsense. There's no sane reason for
anyone else to actually make up an email address with + in it.
And as you said yourself, mail servers may choke on it.

Sigh! It's *not* "gmail nonsense". As mentioned, Fastmail also allows/ handles plus-addressing. Also, as I mentioned several Usenet posters use plus-addressing for filtering and I'm sure most of them do not use Gmail
or Fastmail.

Why do you say "There's no sane reason..."? The reason is to be able
to filter incoming e-mail on the +<tag>.

As to "mail servers may choke on it": The *receiving* server of the
persons who *do* use +<tag> in their e-mail address obviously do *not*
choke on it. The *sending* servers of people who send to a +<tag>
address *should* not choke on it.

You might want to try the latter on your server. The message should
*not* fail on the sending server, but might/probably_will fail on the
receiving server (which will bounce the non-delivery report to the
sender.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

Frank,

Sigh! Read the above sentence again.

You are as daft as someone suggesting to remove all doorlocks because it
makes it easy for paramedics to gain entry to a house in an emergency.

It *sounds* like a good idea, but anyone with just an average intelligence
will rather quickly figure out why its not.

Yes, I understand that you are saying the "+" thingy was thought of while (purposely?) ignoring the existence of bad actors. You seem to find that
quite normal. I don't.

For a bad actor, there's zero difference between an address with
or without a +<tag>.

Now its my time to say "Sigh!" ? It is exactly why that that +<tag> should *not* be used as fastmail has implemented it. Its brain-dead stupid. Maybe even criminally so.

That's what I suggested, but you also snipped.

You did ? Than you will have no problem to quote it.

Hmmm!? Did anyone say it was better? I don't think so. Someone said
it is an alternative,

And I challenged that. For reasons I have mentioned a few times now, and
have been waved away as not important.

but that someone's comments get snipped and ignored.

That ignoring seems to be going two ways ...

Yes, you misunderstood most if not all of what I said. I re-explained
some more above.

Golly miss molly, I've tried to explain my side of the story a few times
now, and have not gotten any response to it, other than being waved away.

But I'm getting tired of it, especially because you're (silently)
snipping my comments (and apparently not understanding them).

Be my guest and quote those and mention (explain?) how they are relevant.

A warning though : I've just had a lengthy exchange (won't call it a conversation) with a "knight of claim-a-lot". One of his rather obvious "tricks" was to pretty-much claim same thing you do here. When he got
invited to quote those parts and explain how they where relevant he refused. Time and time again. I hope you're not trying to play a similar game here.

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

R.Wieser <address@not.available> wrote:

Frank,

Sigh! Read the above sentence again.

You are as daft

...

but anyone with just an average intelligence

Easy does it!

That you clearly do not understand what is and is not the purpose, use
and history of the +<tag> mechanism, makes that you have absolutely no
right to continue your usual confrontational, abusive and insulting MO.
And your continuous silent snipping of your correspondent's comments/
arguments is only adding insult to injury.

[(Much) More of the same crap deleted.]

Come back when you're actually willing to read, understand and learn.

Until then, it's EOD.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

Frank,

That you clearly do not understand what is and is not the purpose,

Lets put it this way : A gun is made to shoot. But for some odd reason we
do not put them into the hands of children.

But here you are, trying to "teach" me about stuff that, when not used carefully, can hurt the one using it. As long as you think that that is acceptable/sane we really have nothing to talk about.

Besides the problem that you do not actually wish to /discuss/ anything that is.

And by the way, I see that you have no wish to quote what you are
complaining about and explain yourself. Which makes me wonder if there was anything to complain about to begin with ...

And oh yeah, your example where you first have to set up a receiving email
box before you can use the "+<tag>" (as you where referring to it) ? I
don't think that was/is how its supposed to be used, as that such a usage
would just be an email alias with a "+" character in the username. IOW,
that "clearly do not understand" might well be in your own ballpark.

tl;dr:
I think I've made the cons of that "fastmail" implementation clear. If you want to offset it with some pros than be my guest. If you want you may
also put some pros and/or cons forward to the implementation as I put
forward in my third post (to David) in this thread.

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

R.Wieser <address@not.available> wrote:

Frank,

That you clearly do not understand what is and is not the purpose,

Lets put it this way : A gun is made to shoot. But for some odd reason we
do not put them into the hands of children.

It's not a gun, it's just an email address, nothing more, nothing
less.

But here you are, trying to "teach" me about stuff that, when not used carefully, can hurt the one using it.

As I said, an e-mail address with a +<tag> is not any more - or less - dangerous than one without such a tag. Both can and will be abused.

As long as you think that that is acceptable/sane we really have nothing to talk about.

It is what it is. There's nothing acceptable/sane or unacceptable/
insane about it. *You* make it 'unacceptable/insane', because you
describe a use - spam/bad_actor protection - for which it's *NOT*
intended. *Again*: *Read* and try to understand the lawn mowing analogy.
And *again*:

[Rewind/Repeat:]

Moral: Use it or don't use it. Don't misuse/abuse it.

[End Rewind/Repeat.]

Besides the problem that you do not actually wish to /discuss/ anything that is.

Sorry, doesn't compute. Probably some word(s) is/are missing.

And by the way, I see that you have no wish to quote what you are
complaining about and explain yourself. Which makes me wonder if there was anything to complain about to begin with ...

I've explained things (I do not have to explain myself, because this
is not about me) over and over again, and you keep silently snipping and ignoring it over and over again. See for example the above lawn mowing
analogy. That's the *third* time.

And oh yeah, your example where you first have to set up a receiving email box before you can use the "+<tag>" (as you where referring to it) ?

No that's *not* what *I* said. That's what *you* *assumed*. And I
countered.

Obviously you will have to set up the *main* e-mail *account* (with
it's Inbox), i.e. <user>@<domain>.<tld>, The rest is up to the provider
which offers the plus-addressing facility/functionality.

I
don't think that was/is how its supposed to be used, as that such a usage would just be an email alias with a "+" character in the username. IOW,
that "clearly do not understand" might well be in your own ballpark.

tl;dr:
I think I've made the cons of that "fastmail" implementation clear. If you want to offset it with some pros than be my guest.

You've not made the cons "of that "fastmail" implementation" clear,
because Fastmail is doing what it's supposed to do for plus-addressing.
(Unless you have found something where Fastmail is not following the
standard.)

The pros are clear: Filtering of incoming e-mail tags. Again, yes
there are other ways to do similar things, but that doesn't mean it's
not useful functionality. (BTW. Don't keep harping about Fastmail.
Fastmail is just *an example*. An example I found when you asked for
more information about the use of '+' in e-mail addresses.)

[Rewind/Repeat:]

Moral: Use it or don't use it. Don't misuse/abuse it.

[End Rewind/Repeat.]

If you want you may
also put some pros and/or cons forward to the implementation as I put
forward in my third post (to David) in this thread.

No, that's just another can of worms. Maybe David will volunteer. :-)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

Frank,

As I said, an e-mail address with a +<tag> is not any more - or
less - dangerous than one without such a tag.

And I countered that with explaining how the implementation of it makes
quite a difference. Wich you have and now probably will again ignore.

You're not here to discuss. I'm even wondering if you know what that word means.

Both can and will be abused.

So, just "lie down and think of England" ? Its already there so even
talking about how it perhaps could be done better is useless ? Really ?

Besides the problem that you do not actually wish to /discuss/ anything
that is.

Sorry, doesn't compute. Probably some word(s) is/are missing.

Yeah, thats a tough one .. Which word could be missing from the end of the
line ? Could it be ... "green" perhaps ? Nope, don't think so. Nope, I'm stumped and totally get it that you cannot make cheese of it. /s

I've explained things (I do not have to explain myself, because this
is not about me) over and over again, and you keep silently snipping
and ignoring it over and over again. See for example the above lawn
mowing analogy. That's the *third* time.

You're trying to make some (big) thing over that I didn't repond to your "It also sucks at mowing your lawn" statement ? Thats it ? I didn't think you wanted me to go challenge you about how you feel about mowing lawns. Thats between you and your shrink.

And as you said it yourself, it was ment as an analogy. Of what ? You being defeatistic ? Yeah, you made that already clear in the line before it -
which I *did* challenge you on. So no, I didn't ignore it.

Any more you have the feeling of I purposely ignored / should have responded
to that you want to mention ?

And oh yeah, your example where you first have to set up a receiving
email box before you can use the "+<tag>" (as you where referring to
it) ?

No that's *not* what *I* said. That's what *you* *assumed*. And I
countered.

The problem is that you *said* next to nothing, forcing me, for the sake of
a possible discussion, to fill in the blanks - which I than posted to give
you a chance to correct my "assumptions". You didn't, leaving me to
believe that that is what you ment. IOW, the results are on *you* head, not mine. I did my best.

And you say you countered it ? You are aware that I can read previous messages ?

[quote]
Hmmm!? Did anyone say it was better? I don't think so. Someone said it
is an alternative, but that someone's comments get snipped and ignored.

BTW, I don't know if servers need folders to be set up beforehand.
Maybe it's automatic. Maybe it's not needed for POP.
[/quote]

Which of that do you consider being the countering ?

All I see is some vague "maybe something somewhere somehow solves that".
IOW, a "don't bother me with it".

And by the way : that stuff I "snipped and ignored" there ? Care to quote
what it was and explain why I shouldn't have ? I'm interested.

You've not made the cons "of that "fastmail" implementation" clear,

I've not done that ? Than what was your "it is what it is" blurb about ?

because Fastmail is doing what it's supposed to do for plus-addressing.

Funny, I distincly remember you questioning if it was an RFC thingy - Which
it doesn't seem to be. So how come you're now talking about "what it's supposed to do" ? Where did you get that conviction from ?

The pros are clear: Filtering of incoming e-mail tags. Again, yes
there are other ways to do similar things, but that doesn't mean
it's not useful functionality.

It may be usefull functionality, but its not a pro. Maybe you don't know
it, but a pro is something with which a certain .. something distinguishes itself form other, similar products. I mean, you're not going to mention
the fact that an apple contains water as a pro, now are you ?

(BTW. Don't keep harping about Fastmail.
Fastmail is just *an example*.

Pray tell, how would you wish me to refer to that aberration of an implementation otherwise ? You got three words or less - with "fastmail" leading with just one word.

An example I found when you asked for more information about the
use of '+' in e-mail addresses.)

and you saw and stil do not seem to see a problem with it. :-(


Frank, before you came up with that fastmail example I already described, in
a few steps, how the whole thing could work - including considering how to tackle the *way* to obvious possibility for abuse. I've not seen you
respond to that at all, even though I seem to remember I've referred to it a few times. Should I now accuse you of purposely ignoring it ? If I should not, why ?

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

R.Wieser <address@not.available> wrote:

[...]

We're running around in circles and - after just a single
out-of-character response - you're back to your usual silent-snipping, confrontational, abusive and insulting MO.

You seem to think that the plus-addressing/+<tag> standard/mechanism
needs to be defended/improved and that your correspondent needs to do
the defending and that you can demand improvements as you will. Same
story for Fastmail or whatever other plus-addressing provider.

You also seem to think that you can ignore and silently snip any comment/argument you want, and that when that pathetic/dishonest
behaviour is pointed out to you, it's your correspondent's duty to
repost the snipped material, so that you can snip it again.

You're mistaken, utterly mistaken.

So in closing, I'm repeating, for the umpteenth time, the very essence
which you've been ignoring and silently snipping from the get go:

[Rewind/Repeat:]

Moral: Use it or don't use it. Don't misuse/abuse it.

[End Rewind/Repeat.]

EOD.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

Frank,

We're running around in circles

Thats something I can agree with.

- after just a single out-of-character response - you're back
to your usual silent-snipping, confrontational, abusive and
insulting MO.

Take a wild guess what I think your your behaviour. No, not anything good
I'm afraid.

I've done my best to show and explain to you my side of the story, and all
you can do is shoot stuff down. No, that is not even a conversation, let
alone a discussion.

And that out-of-character response ? Thats the one I *want* to be,
exchanging information and considering each others POVs. You do not seem to want to do anything like that.

And its a bit rich that you call *me* insulting, having come up with accusations of having on purpose not quoted/responded to stuff and am not understanding what you're trying to say.

Lets turn that around, shall we : Did *you* understand what I said ? And if
so why didn't you grant me the simple curtesy of acknowledging what I
brought forward ?

But no, it looks like all the wrong behaviour is laying with the person you
are talking at. And no, that "at" is not a mistake.

You also seem to think that you can ignore and silently snip any comment/argument you want, and that when that pathetic/dishonest
behaviour is pointed out to you, it's your correspondent's duty to
repost the snipped material, so that you can snip it again.

:-) So, there you have your own abhorrent behaviour : claiming that the
other, me, does something wrong and than refusing to clarify - on the
grounds that in your mind you are already sure that he will just do it
again.

THats ad, as I was serious when I said I wanted to hear about the others.
That way I could verify if I really missed something that should have
responded to - and possibly even apologized for it. And yes, I've been
known to do that, But as you are refusing to show me what transgressions I supposedly have made you are simply not giving me any chance to do any of
that. IOW, don't complain, as you called it over yourself.

So in closing, I'm repeating, for the umpteenth time, the very essence
which you've been ignoring and silently snipping from the get go:

[Rewind/Repeat:]

Moral: Use it or don't use it. Don't misuse/abuse it.

[End Rewind/Repeat.]

Lol. I have made it *very* clear what I think about that, several times
over. IOW, it looks like you yourself are guilty of what you accuse me of, have "missed" me doing so, or simply "didn't understand" what you read.

EOD.

Shucks. That leaves a number of my questions and rebuttals (i mu previous message) unanswered. I wonder why you have choosen to bluntly ignore them
...

Like my

As I said, an e-mail address with a +<tag> is not any more -
or less - dangerous than one without such a tag.

And I countered that with explaining how the implementation of it
makes quite a difference.

Or my

So, just "lie down and think of England" ? Its already there so even
talking about how it perhaps could be done better is useless ? Really ?

or my

You're trying to make some (big) thing over that I didn't repond to your
"It also sucks at mowing your lawn" statement ? Thats it ?

or my

And you say you countered it ? You are aware that I can read
previous messages ?

[snipped for brevity]

Which of that do you consider being the countering ?

or else

No that's *not* what *I* said. That's what *you* *assumed*. And I
countered.

The problem is that you *said* next to nothing, forcing me, for the sake
of a possible discussion, to fill in the blanks

and so on.

IOW, you're are, and have been guilty of doing exactly what you've been accusing me of.

EOD.

To repeat *my*self, don't flatter yourself, we never had a discussion. And thats pretty-much at the basis of our current conflict.

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

R.Wieser <address@not.available> wrote:
[...]

I've done my best to show and explain to you my side of the story, and all you can do is shoot stuff down. No, that is not even a conversation, let alone a discussion.

Don't rewrite what happened.

You asked a question. I responded with some information and a
reference. That's it. No discussion, just your question and my answer/ response.

But for some strange reason you didn't like the facts and started to re-define what plus-adressing/+<tag> (and Fastmail) should do and
shouldn't do. When I said it was not meant to provide protection against
spam, you refused to accept that and went from bad to worse. In some
strange way, I was and am blamed for you refusing to accept the facts/standard/reality.

Feel free to read it back. It's all there.

So if you still have a question, ask away and I/we might be able to answer/respond. But if you just want to force your way of how existing standard-compliant things should - according to you - work, on others,
then don't bother, or at least don't bother me with that.

It's up to you.

[...]

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

Frank,

I've done my best to show and explain to you my side of the story, and
all
you can do is shoot stuff down. No, that is not even a conversation, let
alone a discussion.

Don't rewrite what happened.

You asked a question. I responded with some information and a
reference.

No frank, that isn't what happened. I responded to that example of yours
and you responded back - with your "it is what it is" shooting down.

That's it. No discussion, just your question and my answer/
response.

I agree with you there was no discussion, but the next part is untrue. To
quote yourself "Feel free to read it back. It's all there".

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

Frank,

Now even silently snipping mid-paragraph, are we!? :-()

Nope, I'm not "silently" snipping, I'm dropping.

And what is it with that "silently snipping" of yours ? Some kind of fetish
? Or just some accusation you can repeat every time you feel like it ?

Ofcourse, not explained why the "silently snipped" parts are important, and refusing, because of "reasons", to provide any when asked.

Frank, I've just gone thru a multi-week exchange with nospam. IOW, you're
not my first rodeo.

[Again,] Until then, it's EOD.

Yeah, thats your third time now. :-)

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

Summary: "you're back to your usual silent-snipping"

R.Wieser <address@not.available> wrote:

Frank,

I've done my best to show and explain to you my side of the story, and
all
you can do is shoot stuff down. No, that is not even a conversation, let >> alone a discussion.

Don't rewrite what happened.

You asked a question. I responded with some information and a
reference.

Now even silently snipping mid-paragraph, are we!? :-()

No frank, that isn't what happened. I responded to that example of yours
and you responded back - with your "it is what it is" shooting down.

It *is* what happened and you're *again* rewriting what happened, by
*again* silently snipping comments/arguments. (Do you *really* think
that people fall for such pathetic, dishonest, tricks!? :-()

Clue-by-four: *Read* and *try to* comprehend my (snipped) paragraph
"But for some strange reason you didn't like the facts ...".

Fact: I did no "shooting down", *you* didn't "accept the facts/ standard/reality". Not anyone's problem, but yours.

Moral: That what you get for lying-by-ommision and
lying-by-mispresentation.

So in the off-chance you want to continue and do better: NO MORE
SILENT SNIPPING of comments/arguments.

[Again,] It's up to you.

[Again,] Until then, it's EOD.

[...]

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

R.Wieser <address@not.available> wrote:

Frank,

Now even silently snipping mid-paragraph, are we!? :-()

Nope, I'm not "silently" snipping, I'm dropping.

Yes, you're "dropping" your correspondent's comments/arguments, so you
can't pretend they weren't written/made. The Usenet equivalent of
'sticking your fingers in your ears'. Most children grow out of it.

And what is it with that "silently snipping" of yours ? Some kind of fetish ? Or just some accusation you can repeat every time you feel like it ?

Oh dear, the vilain complains about being accused!? Can't do the time,
...

Ofcourse, not explained why the "silently snipped" parts are important, and refusing, because of "reasons", to provide any when asked.

Only the utterly clueless would need an explanation as to why the
snipped comments/arguments are important, especially because those comment/arguments are *repeated* after being snipped, only to be snipped
again. Which is exactly what you did again in the post I'm responding
to. I.e. I *did* explain and you snipped *again*.

Frank, I've just gone thru a multi-week exchange with nospam. IOW, you're not my first rodeo.

Yes, I've seen that. And while I'm no fan of nospam (Who is!?),
in several areas, you're completely off the rails in that "rodeo" as
well. You'd better let the rodeos to the cowboys, because - to put it
mildly - you're not very good at it.

[Again,] Until then, it's EOD.

Yeah, thats your third time now. :-)

I didn't expect you to get the conditional, so I'm not disappointed,
but yes, in *this* response, I'm breaking the condition I set. But then,
it never was a D, was it!?

Regards,

You *really* should drop that signoff! You clearly, don't mean it and
hence it's offensive.

But the offer still stands.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

XPost: alt.windows7.general

Frank,

Nope, I'm not "silently" snipping, I'm dropping.

Yes, you're "dropping" your correspondent's comments/arguments,

And there you are, again complaining about *others* dropping stuff - and
than refusing to talk about them when asked.

In the post you replied to I included a partial list of what *you* "silently snipped". And surprise, surprise, that was "silently snipped" too.

I short, frank, you're demanding a certain behaviour from me, while not behaving the same way yourself. That "one rule for me, another for
everyone else" has a name : hypocricy.

And before you complain about this too, just remember what you said yourself
: "it is what it is". Just accept it as it is and don't try to make an
issue outof it.

Goodby frank.

And yes, the rest is dropped to.

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)