Re: [Mailman-Developers] Discussion about Mailman plugins(GSOC 2015)
On Mar 05, 2015, at 03:09 PM, Stephen J. Turnbull wrote: I'm really having trouble with this interest in plugins as opposed to rules for chains and handlers for pipelines. To install a rule or handler is a three-step process done by the site administrator: 1. Write or download a module containing some code using a simple plugin API; the code has access to all Mailman features. 2. Save/copy the module to .../rules or .../handlers. 3. Configure the global pipeline in mailman.cfg or individual pipelines in list configurations. That looks rather pluggable to me. What does a plugin give that improves on this process? Not much, but a little. Right now you'd have to drop the module into the rules or handlers subdirectory, but that's a bit of a problem because you're conflating code provided by Mailman with custom code from the sysadmin. Think of a Linux distro package - you really don't want sysadmins messing with the source tree of Mailman. Ideally, there would be a way to add additional filesystem -- or Python import -- paths to the config files which Mailman would then search for additional rules, handlers, etc. Right now these search paths are hardcoded, e.g. mailman/core/rules.py. That's fine for finding the standard rules, but doesn't work so well for finding custom ones. This isn't a GSoC sized project on its own though. Cheers, -Barry ___ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Discussion about Mailman plugins(GSOC 2015)
Sir I am very sorry but I could not fully understand our last discussion. Are you trying to say that I should work on sanitizing the message and building a spam filter? Thank You Prakash Kumar On Mon, Mar 9, 2015 at 2:40 AM, Stephen J. Turnbull step...@xemacs.org wrote: Prakash kumar writes: 1. Using regex for filtering texts ( personal information eg: phone number, address ). What do you mean by filter? Stop or hold delivery, or sanitize the message? If the former, I would drop the motivation about personal information, because body filtering is also desired for spam-filtering and avoiding flame-war reasons. 2. Checking type of files that can be attached to the mails. For eg: .exe not allowed. This is right out as it's already implemented. 3. If there are multiple attachments in the email If (multiple attachments) then for each attachment if(not appropriate) then discard notify sender that this part is removed from email body and why else continue Also already done (except for the notification part. Is it big enough for a gsoc proposal? I don't think writing multiple unrelated plugins is a good proposal. AFAIK GSoC is intended to be a single project with enough scope to require a certain amoung of design and planning. ___ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Discussion about Mailman plugins(GSOC 2015)
Prakash kumar writes: I am very sorry but I could not fully understand our last discussion. Are you trying to say that I should work on sanitizing the message and building a spam filter? There are two possible responses to a message that contains content that we suspect the user doesn't want distributed. (1) Don't send the message (this is what I meant by stop/hold). (2) Remove or obscure the sensitive information (this is what I meant by body filtering, that is, filter out sensitive terms but let the rest of the message go through). It is not obvious to me that sanitizing the message is a good idea, although it's probably easy to implement (just substitute [redacted] or a similar string for each occurance of sensitive information detected) once you have a good filter. However, probably these filters will be built by ordinary folks who don't specialize in natural language processing, and they are unlikely to be able to write appropriate regexps. As for writing a spam filter, no, that's not appropriate for Mailman org. There are plenty of good ones (SpamAssassin, SpamBayes) already, so writing a handler to integrate one or more of them would be the right way to go. I'm still not happy[1] with the idea of multiple plugins as a single project, but it might be reasonable to assemble a battery of pluging that handle several kinds of abuse (the body content filter, plus SpamAssassin, plus ClamAV) for example. Footnotes: [1] That means that given a choice of a single-task proposal and a multi-plugin proposal of similar quality, I would definitely choose the single-task proposal to mentor. Other mentors may feel differently. ___ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Discussion about Mailman plugins(GSOC 2015)
Dear sir Thanks for your kind reponse. I think I should start looking for any other idea other than plugins. Thank You Prakash Kumar On Tue, Mar 10, 2015 at 10:10 AM, Stephen J. Turnbull step...@xemacs.org wrote: Prakash kumar writes: I am very sorry but I could not fully understand our last discussion. Are you trying to say that I should work on sanitizing the message and building a spam filter? There are two possible responses to a message that contains content that we suspect the user doesn't want distributed. (1) Don't send the message (this is what I meant by stop/hold). (2) Remove or obscure the sensitive information (this is what I meant by body filtering, that is, filter out sensitive terms but let the rest of the message go through). It is not obvious to me that sanitizing the message is a good idea, although it's probably easy to implement (just substitute [redacted] or a similar string for each occurance of sensitive information detected) once you have a good filter. However, probably these filters will be built by ordinary folks who don't specialize in natural language processing, and they are unlikely to be able to write appropriate regexps. As for writing a spam filter, no, that's not appropriate for Mailman org. There are plenty of good ones (SpamAssassin, SpamBayes) already, so writing a handler to integrate one or more of them would be the right way to go. I'm still not happy[1] with the idea of multiple plugins as a single project, but it might be reasonable to assemble a battery of pluging that handle several kinds of abuse (the body content filter, plus SpamAssassin, plus ClamAV) for example. Footnotes: [1] That means that given a choice of a single-task proposal and a multi-plugin proposal of similar quality, I would definitely choose the single-task proposal to mentor. Other mentors may feel differently. ___ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Discussion about Mailman plugins(GSOC 2015)
Hi Prakash, On Saturday 07 March 2015 07:20 PM, Prakash kumar wrote: I want to implement plugin with features:- 1. Using regex for filtering texts ( personal information eg: phone number, address ). 2. Checking type of files that can be attached to the mails. For eg: .exe not allowed. 3. If there are multiple attachments in the email If (multiple attachments) then for each attachment if(not appropriate) then discard notify sender that this part is removed from email body and why else continue Is it big enough for a gsoc proposal? Are these one single plugin or 3 different plugins? How are you going to check the type of files? Executables do not have a *nix world. It could be big enough for a GSoC project, but it would depend on how you plan to implement it. Depending on implementation it can be done in a week or a whole summer ;-) What else I can add to it? If you haven't already fixed a bug, I suggest you to get started on it asap. You will find the links to bug trackers on Ideas Page. On Thu, Mar 5, 2015 at 7:16 PM, Stephen J. Turnbull step...@xemacs.org wrote: Please keep traffic on-list, unless it's security-related or truly personal. Replying to list. Prakash kumar writes: What does a plugin give that improves on this process? The only problem that I find is, we need to implement a framework for loading, unloading and communication of plugins. We have such a framework already, and since the only person who will be using it is the site admin (see below), I really don't see why the command-line-based download-copy-configure process is excessively burdensome. Loading and unloading plugins are better than going to code and making changes for every requirement. Somebody has to write the code. Once it's written, you just copy the module into place, and no code needs to be written. It will also help new developers to write plugins without actually understanding the complex coding of mailman. I can't imagine an interesting plugin that requires no understanding of Mailman internals. Theming web interfaces, sure, but that's not part of Mailman core anymore, that would for Postorius or HyperKitty or some other application. What kind of thing are you thinking about? Is it really appropriate for a mailing list (vs a blog or web forum)? I think it will be better if we can give the users What users? See next comments. ability to load and unload plugins without touching the source code We already have that, for values of user == site admin. With a prewritten plugin (handler or rule), the only Python you need to know is the syntax of Python lists and strings, and maybe not even that. means from the web ui like in wordpress. I think this is very unlikely to happen. No sane site admin would enable such a feature in Mailman as currently implemented, because once you have a Python module, you have access to pretty much everything inside of Mailman. For example, you could write a plugin that looks for private or no-archive lists, saves a month of posts to disk, and then spews the lot to Twitter (after checking the language and spewing to Weibo instead for Chinese). The only thing I can think of would be nice to have, maybe the site admin could install the handlers/rules manually as now, but add a feature to Postorius to allow manipulation of the pipeline from the web UI so that handlers or rules could be enabled selectively for individual lists. Again I'm not sure that a sane site admin would allow this from the web UI, because manipulating the pipeline or rules can have a large impact on performance and correctness of behavior. If a poorly ordered pipeline caused a list to go rogue, that could affect the reputation of the whole site. ___ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/raj.abhilash1%40gmail.com Security Policy: http://wiki.list.org/x/QIA9 -- thanks, Abhilash signature.asc Description: OpenPGP digital signature ___ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Discussion about Mailman plugins(GSOC 2015)
Hello Abhilash Sir, Are these one single plugin or 3 different plugins? All three features are of a single plugin. How are you going to check the type of files? Executables do not have a *nix world. I am thinking of using python-magic library( https://github.com/ahupp/python-magic) for determining file types. I am aware of the basics of linux as I am using it for past 2 years, it was just for an example. I have also sent a merge request for a bug fix on launchpad https://code.launchpad.net/~prakash09/mailman/3.0/+merge/251968. I want suggestions from your side for refining this idea. Thank You Prakash Kumar On Sun, Mar 8, 2015 at 8:02 PM, Abhilash Raj raj.abhila...@gmail.com wrote: Hi Prakash, On Saturday 07 March 2015 07:20 PM, Prakash kumar wrote: I want to implement plugin with features:- 1. Using regex for filtering texts ( personal information eg: phone number, address ). 2. Checking type of files that can be attached to the mails. For eg: .exe not allowed. 3. If there are multiple attachments in the email If (multiple attachments) then for each attachment if(not appropriate) then discard notify sender that this part is removed from email body and why else continue Is it big enough for a gsoc proposal? Are these one single plugin or 3 different plugins? How are you going to check the type of files? Executables do not have a *nix world. It could be big enough for a GSoC project, but it would depend on how you plan to implement it. Depending on implementation it can be done in a week or a whole summer ;-) What else I can add to it? If you haven't already fixed a bug, I suggest you to get started on it asap. You will find the links to bug trackers on Ideas Page. On Thu, Mar 5, 2015 at 7:16 PM, Stephen J. Turnbull step...@xemacs.org wrote: Please keep traffic on-list, unless it's security-related or truly personal. Replying to list. Prakash kumar writes: What does a plugin give that improves on this process? The only problem that I find is, we need to implement a framework for loading, unloading and communication of plugins. We have such a framework already, and since the only person who will be using it is the site admin (see below), I really don't see why the command-line-based download-copy-configure process is excessively burdensome. Loading and unloading plugins are better than going to code and making changes for every requirement. Somebody has to write the code. Once it's written, you just copy the module into place, and no code needs to be written. It will also help new developers to write plugins without actually understanding the complex coding of mailman. I can't imagine an interesting plugin that requires no understanding of Mailman internals. Theming web interfaces, sure, but that's not part of Mailman core anymore, that would for Postorius or HyperKitty or some other application. What kind of thing are you thinking about? Is it really appropriate for a mailing list (vs a blog or web forum)? I think it will be better if we can give the users What users? See next comments. ability to load and unload plugins without touching the source code We already have that, for values of user == site admin. With a prewritten plugin (handler or rule), the only Python you need to know is the syntax of Python lists and strings, and maybe not even that. means from the web ui like in wordpress. I think this is very unlikely to happen. No sane site admin would enable such a feature in Mailman as currently implemented, because once you have a Python module, you have access to pretty much everything inside of Mailman. For example, you could write a plugin that looks for private or no-archive lists, saves a month of posts to disk, and then spews the lot to Twitter (after checking the language and spewing to Weibo instead for Chinese). The only thing I can think of would be nice to have, maybe the site admin could install the handlers/rules manually as now, but add a feature to Postorius to allow manipulation of the pipeline from the web UI so that handlers or rules could be enabled selectively for individual lists. Again I'm not sure that a sane site admin would allow this from the web UI, because manipulating the pipeline or rules can have a large impact on performance and correctness of behavior. If a poorly ordered pipeline caused a list to go rogue, that could affect the reputation of the whole site. ___ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe:
Re: [Mailman-Developers] Discussion about Mailman plugins(GSOC 2015)
I want to implement plugin with features:- 1. Using regex for filtering texts ( personal information eg: phone number, address ). 2. Checking type of files that can be attached to the mails. For eg: .exe not allowed. 3. If there are multiple attachments in the email If (multiple attachments) then for each attachment if(not appropriate) then discard notify sender that this part is removed from email body and why else continue Is it big enough for a gsoc proposal? What else I can add to it? On Thu, Mar 5, 2015 at 7:16 PM, Stephen J. Turnbull step...@xemacs.org wrote: Please keep traffic on-list, unless it's security-related or truly personal. Replying to list. Prakash kumar writes: What does a plugin give that improves on this process? The only problem that I find is, we need to implement a framework for loading, unloading and communication of plugins. We have such a framework already, and since the only person who will be using it is the site admin (see below), I really don't see why the command-line-based download-copy-configure process is excessively burdensome. Loading and unloading plugins are better than going to code and making changes for every requirement. Somebody has to write the code. Once it's written, you just copy the module into place, and no code needs to be written. It will also help new developers to write plugins without actually understanding the complex coding of mailman. I can't imagine an interesting plugin that requires no understanding of Mailman internals. Theming web interfaces, sure, but that's not part of Mailman core anymore, that would for Postorius or HyperKitty or some other application. What kind of thing are you thinking about? Is it really appropriate for a mailing list (vs a blog or web forum)? I think it will be better if we can give the users What users? See next comments. ability to load and unload plugins without touching the source code We already have that, for values of user == site admin. With a prewritten plugin (handler or rule), the only Python you need to know is the syntax of Python lists and strings, and maybe not even that. means from the web ui like in wordpress. I think this is very unlikely to happen. No sane site admin would enable such a feature in Mailman as currently implemented, because once you have a Python module, you have access to pretty much everything inside of Mailman. For example, you could write a plugin that looks for private or no-archive lists, saves a month of posts to disk, and then spews the lot to Twitter (after checking the language and spewing to Weibo instead for Chinese). The only thing I can think of would be nice to have, maybe the site admin could install the handlers/rules manually as now, but add a feature to Postorius to allow manipulation of the pipeline from the web UI so that handlers or rules could be enabled selectively for individual lists. Again I'm not sure that a sane site admin would allow this from the web UI, because manipulating the pipeline or rules can have a large impact on performance and correctness of behavior. If a poorly ordered pipeline caused a list to go rogue, that could affect the reputation of the whole site. ___ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Discussion about Mailman plugins(GSOC 2015)
Please keep traffic on-list, unless it's security-related or truly personal. Replying to list. Prakash kumar writes: What does a plugin give that improves on this process? The only problem that I find is, we need to implement a framework for loading, unloading and communication of plugins. We have such a framework already, and since the only person who will be using it is the site admin (see below), I really don't see why the command-line-based download-copy-configure process is excessively burdensome. Loading and unloading plugins are better than going to code and making changes for every requirement. Somebody has to write the code. Once it's written, you just copy the module into place, and no code needs to be written. It will also help new developers to write plugins without actually understanding the complex coding of mailman. I can't imagine an interesting plugin that requires no understanding of Mailman internals. Theming web interfaces, sure, but that's not part of Mailman core anymore, that would for Postorius or HyperKitty or some other application. What kind of thing are you thinking about? Is it really appropriate for a mailing list (vs a blog or web forum)? I think it will be better if we can give the users What users? See next comments. ability to load and unload plugins without touching the source code We already have that, for values of user == site admin. With a prewritten plugin (handler or rule), the only Python you need to know is the syntax of Python lists and strings, and maybe not even that. means from the web ui like in wordpress. I think this is very unlikely to happen. No sane site admin would enable such a feature in Mailman as currently implemented, because once you have a Python module, you have access to pretty much everything inside of Mailman. For example, you could write a plugin that looks for private or no-archive lists, saves a month of posts to disk, and then spews the lot to Twitter (after checking the language and spewing to Weibo instead for Chinese). The only thing I can think of would be nice to have, maybe the site admin could install the handlers/rules manually as now, but add a feature to Postorius to allow manipulation of the pipeline from the web UI so that handlers or rules could be enabled selectively for individual lists. Again I'm not sure that a sane site admin would allow this from the web UI, because manipulating the pipeline or rules can have a large impact on performance and correctness of behavior. If a poorly ordered pipeline caused a list to go rogue, that could affect the reputation of the whole site. ___ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9