Re: Regarding all the spam...

2004-03-04 Thread Ben Laurie 
Boyle Owen wrote:

-Original Message-
From: Ben Laurie [mailto:[EMAIL PROTECTED]
I disagree.


I've lost the thread... You want to limit posting to subscribers only or
you don't?
I don't.

--
http://www.apache-ssl.org/ben.html   http://www.thebunker.net/
There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit. - Robert Woodruff
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Regarding all the spam...

2004-03-04 Thread Scott Lamb 
On Mar 2, 2004, at 8:37 PM, Joseph Bruni wrote:

I don't know about that. During the latest Windows exploit virus blast 
(when are they going to fix their stuff?) I kept getting bombed by AV 
bounces aimed at openssl-users-l. Not to mention that the list was 
DOWN during that time as well. A good number of my posts just got 
timed out by my legitimate SMTP relay.

On Mar 2, 2004, at 2:15 PM, L Nehring wrote:

Have we now crossed the threshold where there are more off-topic 
messages discussing spam than spam messages themselves?

There just doesn't seem to be a real need to take any action at all 
given the small number of UCE or antivirus bounce messages.
To put some concrete numbers on this, my mail logs note rejecting 24 
messages MAIL FROM: [EMAIL PROTECTED] in 
the past month, and I have 14 more in my junk folder. So no, we most 
certainly have not crossed that threshold.

Scott

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

RE: Regarding all the spam...

2004-03-04 Thread Boyle Owen 
 -Original Message-
 From: Scott Lamb [mailto:[EMAIL PROTECTED]

The spammer who zapped the mod_ssl list (see
http://marc.theaimsgroup.com/?l=apache-modsslr=1b=200403w=2) has now
moved onto this list (see content-free mail apparently from rse...)

Can someone with admin powers block these spams?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 
 
 __
 OpenSSL Project http://www.openssl.org
 User Support Mailing List[EMAIL PROTECTED]
 Automated List Manager   [EMAIL PROTECTED]
 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat
keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This
e-mail is of a private and personal nature. It is not related to the
exchange or business activities of the SWX Group. Le présent e-mail est
un message privé et personnel, sans rapport avec l'activité boursière du
Groupe SWX.

This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission.
If you receive this message in error, please notify the sender urgently
and then immediately delete the message and any copies of it from your
system. Please also immediately destroy any hardcopies of the message.
You must not, directly or indirectly, use, disclose, distribute, print,
or copy any part of this message if you are not the intended recipient.
The sender's company reserves the right to monitor all e-mail
communications through their networks. Any views expressed in this
message are those of the individual sender, except where the message
states otherwise and the sender is authorised to state them to be the
views of the sender's company. 


__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Regarding all the spam...

2004-03-04 Thread Richard Koenning 
Boyle Owen wrote:

-Original Message-
From: Scott Lamb [mailto:[EMAIL PROTECTED]


The spammer who zapped the mod_ssl list (see
http://marc.theaimsgroup.com/?l=apache-modsslr=1b=200403w=2) has now
moved onto this list (see content-free mail apparently from rse...)
Can someone with admin powers block these spams?
This is no spam, but, according to our mail virus scanner, a worm named 
WORM_NETSKY.B. Btw, how can a content-free mail be spam? ;-)
Ciao,
Richard
--
Dr. Richard W. Könning
Fujitsu Siemens Computers GmbH
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Regarding all the spam...

2004-03-04 Thread L Nehring 
(openssl-users) This is way off-topic, so let me apologize in advance.

Here's some of my own email numbers to give a piece of my perspective of 
the talk about spam on the openssl list and why I just don't see a real 
problem.

I run a pair of email servers on a very small domain that serves about 
10 live users.
I received a total of 21204 emails in the past month for the domain.   
In that time frame, I quarantined 1626 messages containing viruses, 3671 
messages were rejected, 1267 messages bounced, and 1431 messages were 
marked as spam.

Maybe my threshold for pain is higher  than normal, but if I were to get 
just 24 or even less than 50 rejected|spam|virus messages per day, I 
would be checking my email servers for misconfiguration or compromise.   
Doesn't matter where the bad messages actually come from anymore, since 
it's becoming a given that the 'mail from:' address is invalid or spoofed.

I can't imagine that a change that restricts who might post to the 
openssl list would have any noticeable effect on email in my little 
domain or anywhere else.

It might be better to petition the antivirus vendors to remove the 
arcane/useless bounce notification feature (that has become a serious 
source of spam).  If a person didn't know they sent a virus, they 
probably aren't going to know what to do if they're notified about it.  
I they did know they sent a virus, then they aren't going to care...   
More likely however, is that the person didn't send any original virus 
message at all and was just unlucky enough to have their address spoofed 
so that they would end up with a mysterious bounce message. 
.this could be exploited in a similar manner to an ICMP smurf attack 
- if you want to mail-bomb somebody just mass mail a virus-laden email 
with the from address of your target.  Doesn't matter what the virus is 
or what it does as long as it's detected and triggers an automatic 
response.   Probably works better if the mass mailing includes mail 
lists in increase the amount of AV notices sent to the target.   

Again, I apologize again for being off-topic.  I'll copy this post over 
the the Full-disclosure list to let the thread continue there.

Scott Lamb wrote:

On Mar 2, 2004, at 8:37 PM, Joseph Bruni wrote:

I don't know about that. During the latest Windows exploit virus 
blast (when are they going to fix their stuff?) I kept getting bombed 
by AV bounces aimed at openssl-users-l. Not to mention that the list 
was DOWN during that time as well. A good number of my posts just got 
timed out by my legitimate SMTP relay.

On Mar 2, 2004, at 2:15 PM, L Nehring wrote:

Have we now crossed the threshold where there are more off-topic 
messages discussing spam than spam messages themselves?

There just doesn't seem to be a real need to take any action at all 
given the small number of UCE or antivirus bounce messages.

To put some concrete numbers on this, my mail logs note rejecting 24 
messages MAIL FROM: [EMAIL PROTECTED] in 
the past month, and I have 14 more in my junk folder. So no, we most 
certainly have not crossed that threshold.

Scott

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]


__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Regarding all the spam...

2004-03-02 Thread Ben Laurie 
Rich Salz wrote:

I think I misunderstood that question.  I honestly don't know what we
would lose.  Maybe a sense of openness.


In the past -- at least, say, 2-3 years ago -- we had a couple of
anonymous posters who made very worthwhile contributions.  Haven't
seen that recently.  Also, it used to be in the spirit of crypto
open source (cypherpunkcs, etc) to allow anon posting because
of the whoele ethos thing.
Probably not worth supporting any more.
I disagree.

--
http://www.apache-ssl.org/ben.html   http://www.thebunker.net/
There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit. - Robert Woodruff
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

RE: Regarding all the spam...

2004-03-02 Thread Boyle Owen 
 -Original Message-
 From: Ben Laurie [mailto:[EMAIL PROTECTED]
 
 I disagree.

I've lost the thread... You want to limit posting to subscribers only or
you don't?

BTW, the mod_ssl list has been swamped by some spammer. Would this list
be immune to these posts (the spammer is craftily spoofing the From
field..)

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

 
 -- 
 http://www.apache-ssl.org/ben.html   http://www.thebunker.net/
 
 There is no limit to what a man can do or how far he can go if he
 doesn't mind who gets the credit. - Robert Woodruff
 __
 OpenSSL Project http://www.openssl.org
 User Support Mailing List[EMAIL PROTECTED]
 Automated List Manager   [EMAIL PROTECTED]
 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat
keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This
e-mail is of a private and personal nature. It is not related to the
exchange or business activities of the SWX Group. Le présent e-mail est
un message privé et personnel, sans rapport avec l'activité boursière du
Groupe SWX.

This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission.
If you receive this message in error, please notify the sender urgently
and then immediately delete the message and any copies of it from your
system. Please also immediately destroy any hardcopies of the message.
You must not, directly or indirectly, use, disclose, distribute, print,
or copy any part of this message if you are not the intended recipient.
The sender's company reserves the right to monitor all e-mail
communications through their networks. Any views expressed in this
message are those of the individual sender, except where the message
states otherwise and the sender is authorised to state them to be the
views of the sender's company. 


__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Regarding all the spam...

2004-03-02 Thread Rich Salz 
Rich Salz wrote:
Probably not worth supporting any more.
Ben Laurie wrote:
I disagree.
Ben's voice carries way more weight than mine :)  I stand down...
/r$
--
Rich Salz, Chief Security Architect
DataPower Technology   http://www.datapower.com
XS40 XML Security Gateway   http://www.datapower.com/products/xs40.html
XML Security Overview  http://www.datapower.com/xmldev/xmlsecurity.html
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Regarding all the spam...

2004-03-02 Thread Scott Lamb 
On Feb 24, 2004, at 9:55 AM, Rich Salz wrote:

I think I misunderstood that question.  I honestly don't know what we
would lose.  Maybe a sense of openness.
In the past -- at least, say, 2-3 years ago -- we had a couple of
anonymous posters who made very worthwhile contributions.  Haven't
seen that recently.  Also, it used to be in the spirit of crypto
open source (cypherpunkcs, etc) to allow anon posting because
of the whoele ethos thing.
I think there's a huge distinction to be made between disallowing 
anonymous posting and disallowing non-moderated posting by non-members. 
You can easily register a hotmail account or whatever and join the 
mailing list anonymously. In fact, anonymity has _nothing_ to do with 
whether you are a member of the mailing list or not.

Scott

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Regarding all the spam...

2004-03-02 Thread Vadim Fedukovich 
On Tue, Mar 02, 2004 at 11:47:43AM -0600, Scott Lamb wrote:
 
 On Feb 24, 2004, at 9:55 AM, Rich Salz wrote:
 
  I think I misunderstood that question.  I honestly don't know what we
  would lose.  Maybe a sense of openness.
 
  In the past -- at least, say, 2-3 years ago -- we had a couple of
  anonymous posters who made very worthwhile contributions.  Haven't
  seen that recently.  Also, it used to be in the spirit of crypto
  open source (cypherpunkcs, etc) to allow anon posting because
  of the whoele ethos thing.
 
 I think there's a huge distinction to be made between disallowing 
 anonymous posting and disallowing non-moderated posting by non-members. 
 You can easily register a hotmail account or whatever and join the 
 mailing list anonymously. In fact, anonymity has _nothing_ to do with 
 whether you are a member of the mailing list or not.

a hotmail account might be considered a handy tool but it hardly could be
regarded as anonymous.

Please take a look at mixmaster.sf.net (the tool)
and network of remailers running around. There was mixmaster protocol
ietf draft published recently

It is not quite clear whether there's a chance to both accept mail from
remailers and kill the junk

regards,
Vadim

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Regarding all the spam...

2004-03-02 Thread Scott Lamb 
Vadim Fedukovich wrote:
a hotmail account might be considered a handy tool but it hardly could be
regarded as anonymous.
Please take a look at mixmaster.sf.net (the tool)
and network of remailers running around. There was mixmaster protocol
ietf draft published recently
That was the or whatever. ;) You can be as thorough as you like, but 
registering a random hotmail account and perhaps sending mail from a 
public place is frequently good enough. (I personally don't see the need 
for perfect anonymity when posting questions about an API, even a 
security-related one.)

I don't see why using an anonymous remailer for greater protection would 
be any different - IIRC they support creating a consistent pseudonym and 
sending and receiving many mails to/from it.

It is not quite clear whether there's a chance to both accept mail from
remailers and kill the junk
I think just simply requiring people to be list members before posting 
would be enough to make a big impact.

This would completely stop the you sent us a virus messages that Robin 
Lynn Frank mentioned. Anti-virus software is not going to subscribe to 
the mailing list first; if its makers had realized these messages would 
be sent to mailing lists, they wouldn't be sending them at all.

And while spammers _could_ subscribe to mailing lists before sending a 
bunch of spam, they typically don't, based on my experiences with other 
lists.

regards,
Vadim
Thanks,
Scott
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Regarding all the spam...

2004-03-02 Thread L Nehring 
Have we now crossed the threshold where there are more off-topic 
messages discussing spam than spam messages themselves?

There just doesn't seem to be a real need to take any action at all 
given the small number of UCE or antivirus bounce messages.
r,
Lance
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Regarding all the spam...

2004-03-02 Thread Patrick Coleman 

 I think just simply requiring people to be list members before posting
 would be enough to make a big impact.

You dont necessarily have to force people to become members. Just 
ensure that all anonymous posts are be moderated, and the problem 
is solved. The spam, viruses and anonymous posts get redirected to 
one administrators inbox, who agrees to put up with them, and legit 
anonymous posts are allowed into the list from there. Everyone is 
happy. I've set this up for a couple of lists I manage after problems with 
spam, and it works well. 

I do agree with Lance, though, about the irony of the fact that we're 
generating more mail discussing this than the spammers themselves :)
-Patrick
-- 
RedHerring: Linux wiki support and tutorials
http://covox.sepwich.com/linux

CECID: The CEnsorship CIrcumvention Device
http://cecid.sf.net

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Regarding all the spam...

2004-03-02 Thread Joseph Bruni 
I don't know about that. During the latest Windows exploit virus blast 
(when are they going to fix their stuff?) I kept getting bombed by AV 
bounces aimed at openssl-users-l. Not to mention that the list was DOWN 
during that time as well. A good number of my posts just got timed out 
by my legitimate SMTP relay.

On Mar 2, 2004, at 2:15 PM, L Nehring wrote:

Have we now crossed the threshold where there are more off-topic 
messages discussing spam than spam messages themselves?

There just doesn't seem to be a real need to take any action at all 
given the small number of UCE or antivirus bounce messages.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Regarding all the spam...

2004-02-24 Thread Mads Toftum 
On Tue, Feb 24, 2004 at 01:27:05PM +0100, Richard Levitte - VMS Whacker wrote:
 
 I think I misunderstood that question.  I honestly don't know what we
 would lose.  Maybe a sense of openness.
 
get someone to moderate the list - problem solved.

vh

Mads Toftum
-- 
`Darn it, who spiked my coffee with water?!' - lwall

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Regarding all the spam...

2004-02-24 Thread Richard Levitte - VMS Whacker 
In message [EMAIL PROTECTED] on Tue, 24 Feb 2004 13:32:40 +0100, Mads Toftum [EMAIL 
PROTECTED] said:

mads On Tue, Feb 24, 2004 at 01:27:05PM +0100, Richard Levitte - VMS Whacker wrote:
mads  
mads  I think I misunderstood that question.  I honestly don't know what we
mads  would lose.  Maybe a sense of openness.
mads  
mads get someone to moderate the list - problem solved.

*cough* you do know what you're talking about, right?

-
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

-- 
Richard Levitte   \ Tunnlandsvägen 52 \ [EMAIL PROTECTED]
[EMAIL PROTECTED]  \ S-168 36  BROMMA  \ T: +46-708-26 53 44
\  SWEDEN   \
Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/

Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Regarding all the spam...

2004-02-24 Thread Richard Levitte - VMS Whacker 
In message [EMAIL PROTECTED] on Tue, 24 Feb 2004 12:59:37 +0100, Lyngmo Ted 
[EMAIL PROTECTED] said:

ted.lyngmo Is it possible to post messages to the mailing list
ted.lyngmo without being a member?

Yes, openssl-users is completely open.

ted.lyngmo If so, what would we lose by changing that?

Some people will have their responses go to
[EMAIL PROTECTED]  You will miss those replies.

-
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

-- 
Richard Levitte   \ Tunnlandsvägen 52 \ [EMAIL PROTECTED]
[EMAIL PROTECTED]  \ S-168 36  BROMMA  \ T: +46-708-26 53 44
\  SWEDEN   \
Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/

Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Regarding all the spam...

2004-02-24 Thread Richard Levitte - VMS Whacker 
In message [EMAIL PROTECTED] on Tue, 24 Feb 2004 12:59:37 +0100, Lyngmo Ted 
[EMAIL PROTECTED] said:

ted.lyngmo If so, what would we lose by changing that?

I think I misunderstood that question.  I honestly don't know what we
would lose.  Maybe a sense of openness.

-
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

-- 
Richard Levitte   \ Tunnlandsvägen 52 \ [EMAIL PROTECTED]
[EMAIL PROTECTED]  \ S-168 36  BROMMA  \ T: +46-708-26 53 44
\  SWEDEN   \
Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/

Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

RE: Regarding all the spam...

2004-02-24 Thread Lyngmo Ted 
Richard Levitte wrote:
 Ted Lyngmo wrote:
 
  Is it possible to post messages to the mailing list without
  being a member? If so, what would we lose by changing that?
 
 I honestly don't know what we would lose. Maybe a sense of
 openness.

True, but considering how easy it is to become a member, my suggestion is that posting 
to the list is made available for members only.

Kind regards,
Ted Lyngmo
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Regarding all the spam...

2004-02-24 Thread Mads Toftum 
On Tue, Feb 24, 2004 at 01:40:03PM +0100, Richard Levitte - VMS Whacker wrote:
 mads get someone to moderate the list - problem solved.
 
 *cough* you do know what you're talking about, right?
 
yes. Allow members to post and only non-members if moderated through -
I wouldn't suggest it if I didn't do the same for other lists already.

vh

Mads Toftum
-- 
`Darn it, who spiked my coffee with water?!' - lwall

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Regarding all the spam...

2004-02-24 Thread Richard Levitte - VMS Whacker 
In message [EMAIL PROTECTED] on Tue, 24 Feb 2004 13:54:57 +0100, Mads Toftum [EMAIL 
PROTECTED] said:

mads On Tue, Feb 24, 2004 at 01:40:03PM +0100, Richard Levitte - VMS Whacker wrote:
mads  mads get someone to moderate the list - problem solved.
mads  
mads  *cough* you do know what you're talking about, right?
mads  
mads yes. Allow members to post and only non-members if moderated through -
mads I wouldn't suggest it if I didn't do the same for other lists already.

Ah, that form.  Sorry, got confused...

-
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

-- 
Richard Levitte   \ Tunnlandsvägen 52 \ [EMAIL PROTECTED]
[EMAIL PROTECTED]  \ S-168 36  BROMMA  \ T: +46-708-26 53 44
\  SWEDEN   \
Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/

Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Regarding all the spam...

2004-02-24 Thread Rich Salz 
 I think I misunderstood that question.  I honestly don't know what we
 would lose.  Maybe a sense of openness.

In the past -- at least, say, 2-3 years ago -- we had a couple of
anonymous posters who made very worthwhile contributions.  Haven't
seen that recently.  Also, it used to be in the spirit of crypto
open source (cypherpunkcs, etc) to allow anon posting because
of the whoele ethos thing.

Probably not worth supporting any more.

/r$

--
Rich Salz  Chief Security Architect
DataPower Technology   http://www.datapower.com
XS40 XML Security Gateway  http://www.datapower.com/products/xs40.html
XML Security Overview  http://www.datapower.com/xmldev/xmlsecurity.html

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

RE: Regarding all the spam...

2004-02-24 Thread Ken - Xzone9 Productions 
This chain of email regarding SPAM originated with the topic to reduce
the SPAM in this group email...
The only way to moderate a group email list is to formalize the method
of how it is delivered. If interested people are asked to join as a
member, they can be turned off if proved to be malicious. Otherwise,
anyone can keep sending emails with bad intent in any email name from
yahoo, msn, etc. If they are forced to sign-up each time, they will
eventually go pick on another email group.
In addition, if enough interest is responding, I can post a Bulletin
Board for topics, and people can choose to go there instead of through
group email listings.
I otherwise agree that non-members need to become members to post.

Best Regards;
Ken Hackenberg

[EMAIL PROTECTED]
www.xzone9.com
AOL IM- khkenberg
(480) 726.8579



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Lyngmo Ted
Sent: Tuesday, February 24, 2004 5:41 AM
To: [EMAIL PROTECTED]
Subject: RE: Regarding all the spam...


Richard Levitte wrote:
 Ted Lyngmo wrote:
 
  Is it possible to post messages to the mailing list without being a 
  member? If so, what would we lose by changing that?
 
 I honestly don't know what we would lose. Maybe a sense of openness.

True, but considering how easy it is to become a member, my suggestion
is that posting to the list is made available for members only.

Kind regards,
Ted Lyngmo
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]



__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]