Re: Predraft of a new URL scheme: mailmsg

Dirk Herr-Hoyman (
Wed, 4 Jan 1995 09:14:01 -0500

Date: Wed, 4 Jan 1995 09:14:01 -0500
Message-Id: <ab30be4604021004ae48@[]>
From: (Dirk Herr-Hoyman)
Subject: Re: Predraft of a new URL scheme: mailmsg

At 12:57 PM 1/4/95, Marc VanHeyningen wrote:
>> Since URLs are hardly something which the casual user might have
>>       - an overriding interest in
>>       - an appreciation of the consequences of
>>       - comprehensive knowledge of
>> I would politely suggest that this is a bad idea.  For a more in depth
>> explanation of the inadvisability of this URL scheme please see:
>> < Threat/I'm gonna git you sucka>
What we are trying to address here (and I'm the person who earily proposed
a similar mailserver URL), is the ability to access resources that are ONLY
available via e-mail retrieval.  If we are to have a URL for this, then the
example given above will certainly be possible.

I don't really want to create more ways to spoof e-mail, but I also would
like to see the functionality of URL extended to e-mail retrieval.  It
looks to me that these 2 requirements are fundamentally in conflict here.

>This is, of course, a serious concern.  As Larry pointed out, similar
>concerns also exist for the gopher: URL, since it can be used to spoof
>mail messages in less obvious ways.

And there are lot's of other ways to spoof e-mail, including many POP user
agents that let you set your own return address.  E-mail, as it is
currently incarnated on the Internet, is inherently insecure.

I would like to see an e-mail retrieval URL, whill still being sensitive to
the security concerns.  But, since e-mail is already inherently insecure,
my feeling is that the increased functionlity of such a URL is more
important then preventing yet another hole.

Dirk Herr-Hoyman <> |          I tried to contain myself
CyberBeach Publishing               |                                but
   * Internet publishing services   |                          I got out
Lake Worth, Florida, USA            |
Phone:     +1.407.540.8309