As near as I can tell, the only outstanding committee mailing list admin issue is that the list is closed to non-subscribers.
This is a heuristic to avoid spam -- it involves some admin overhead to maintain. [It can be defeated if spammers harvest email addresses and use them to send spam.] Heuristics have an admin cost. It also hurts the committee, at least to some degree, because this approach makes it hard for domain experts (and other people with useful information) to help us out. The advantage of this policy is that it does reduce the amount of spam the list gets. For contrast, contrast http://lists.debian.org/deity/2004/06/threads.html which is relaying spam. Personally, I think we need a better heuristic. My ideal would be a combination of: If the email is signed by some pgp key that we can validate, it's OK. Otherwise, send the user some token (with polite and informative instructions) and if they respond with that token to some control address within a week, forward the message to the list. But I don't know if that's something the admin team is comfortable with. Does anyone have any comments on what's doable or good on the debian servers? I also don't know how the other committee members would feel about this mechanism. [Currently, little traffic is signed, this message included -- I know I like to minimize my key use for a variety of reasons, most related to security. However, this proposal would mean more work for everybody not signing their messages.] Thanks, -- Raul
