[arin-ppml] How bad is it really?
steve at ipv6canada.com
Mon Jul 12 23:10:20 EDT 2010
On 2010.07.12 22:49, Owen DeLong wrote:
> On Jul 12, 2010, at 7:39 PM, Matthew Kaufman wrote:
>> Steve Bertrand wrote:
>>> After reading the policy, it would seem apparent to me that the
>>> responsibility of any message sent by ARIN to a responsible POC would be
>>> up to the address holder of the POC... is that correct?
>>> ie. if spam filters catch a message destined to them that originate from
>>> ARIN, then they, or their email admins should be aware to allow all
>>> email from ARIN to traverse the filters and make it to the destination.
>> Unfortunately, the world of email today makes it much more likely that a personal one-to-one communication will be delivered than will a bulk (and yes, this is a "bulk email" by any definition) delivery of messages with multiple "click to act now" URLs in it.
>> In my case the message wasn't immediately discarded, but was moved from the "personal messages, read now" box to the "suspect messages, review" box due to the "?validationCode=9dba..." in the first URL. That simply isn't the sort of thing that a "real person" would send to an ARIN POC in order to get help.
>> And if they didn't get a reply, they could try my phone number and get a prompt reply that way as well... but the POC validation process didn't call me on the phone, either.
> I'm pretty sure they are trying to get as many responses by email as possible first, then, will resort to calling contacts that did not respond to the email. I think we should all be able to agree that this is a logical and prudent use of resources as starting off with phone calls right away would be very resource intensive with potentially less effective results (out of office, voice mail, etc.).
>>> I appreciate this effort, and feel that it is the responsibility of the
>>> recipient to accept the message properly from ARIN, as this has been
>>> decided and documented in our policy.
>> And how many of the POCs are participants in the policy-development process, do you suppose?
>> Personally I think it is a great first step, but it might have been a lot better to have a plain text message with absolutely no URLs and no advertising terms in it go out first that said "from now on, ARIN will reach you this way, please whitelist the source of this message".
> I think a plain text message could well be an excellent follow-up. However, since the response
> automation requires the URLs to be effective, it seems reasonable to attempt that as a first step.
If there are other plain-text people on this list who like Matthew's
idea, I'd be willing to write a wrapper for the outgoing/incoming
message, so that it can be passed in to the `click' procedure, without
having to `click'.
Two messages each, one plain, one html. Perhaps in ARIN Online, one
could select text only email.
Either way, a plain-text, open-source (published to CPAN) filter may fit
ARIN's API, and be extensible beyond email.
heh, I'm getting ahead of myself, and far off-topic for a policy list.
Email first, and then phone call.
More information about the ARIN-PPML