Hi,
I was pretty explicit about not sending responses to the list, but oh well...
:-) As one who was hit by the problem which started all this, may I put this debate into perspective. Abhorrent as they are, the basic problem was not HTML or vcards etc. For me, the problem went as follows:- 1 My ISP implemented content filtering - albeit severely broken 2 A unknown number of mails heading to me from the SuSE list were bounced back to SuSE. 3 ezmlm mailed me a probe After investigating I found the original mail had a structure which looked to be an inline attachment of a .bat file to Outlook Distress. The ezmlm also contained this same structure but luckily my ISP's content filter failed to pick this up. If it had picked it up, ezmlm would have received a bounce and I would have been removed from the SuSE list. Effectively by not implementing a policy like the one proposed, SuSE would be allowing the mailing list to be exploited in a DoS attack. The DoS is twofold. First it has the potential to cut users off but it also increases the traffic/load on the SuSE servers. I predict more ISPs will implement content filtering to "protect the masses" so the problem is only likely to get worse. Personally, I think the policy ought to be the other way around and it shouldn't be too difficult to implement. Just as in good firewall design, you deny everything then just allow what you want. In this case there are arguments for pgp signing and maybe tar variants. For what its worth, I don't think attachments are appropriate for a mailing list in the same way as they are frowned on in newsnet. As another protection mechanism, maybe the bot should not repeat a bounced message but simply list the message number(s). John