Re: Predraft of a new URL scheme: mailmsg

Ned Freed (NED@innosoft.com)
Thu, 05 Jan 1995 12:39:54 -0700 (PDT)


Date: Thu, 05 Jan 1995 12:39:54 -0700 (PDT)
From: Ned Freed <NED@innosoft.com>
Subject: Re: Predraft of a new URL scheme: mailmsg
In-Reply-To: Your message dated "Wed, 04 Jan 1995 18:24:07 -0800 (PST)"
To: Larry Masinter <masinter@parc.xerox.com>
Cc: uri@bunyip.com
Message-Id: <01HLHKVL7ZL68ZDW0P@INNOSOFT.COM>

> > ... and a list of standard ports to shun should probably be added.

> I don't think anyone was able to generate one, although I remember it
> being discussed. What ports do YOU think should be shunned?

Hmm. Well, on inspection there really aren't that many. I don't think any port
that could prove useful should be banned. For example, I suppose that use of
the echo port in a URL could provide a useful test service.

This leaves the following ports that are clearly either useless or potentially
harmful:

discard           9/tcp    Discard
chargen          19/tcp    Character Generator
smtp             25/tcp    Simple Mail Transfer
domain           53/tcp    Domain Name Server
kerberos         88/tcp    Kerberos
snmp            161/tcp    SNMP

Discard produces no information and hence isn't useful even for testing.
Chargen produces an endless stream of data, and hence can be quite dangerous.
SMTP could be used with an implementation of the TURN command, I suppose, but
this is problematic and the potential for abuse is too high. Domain, Kerberos,
and SNMP are also not useful sources of URL information and the potential for
abuse is too high.

> How can a URL cause someone to fill the spool area?

Conside a TELNET URL pointing at port 19 that sends nothing. This port
produces an endless stream of data. Many clients put the data they receive
into a temporary file in the spool area. If you use the charget port on the
local machine the data arrives very quickly, and if the client isn't robust
it falls over once the disk is full and leaves the temporary file there.

				Ned