On Tue, Jul 16, 2002 at 10:58:00AM -0700, Chuq Von Rospach wrote: > One thing we're definitely doing is moving to a cloaked archive. Since we > already distribute all archives out of HTTP, not FTP, we're working on a CGI > that'll strip all e-mail information out of messages on the fly (among other > things, like header cleanup and some trivial formatting fixes). The idea is > simple -- we've finally hit the point where you can't put an e-mail address > up on a public site under any cirucmstance safely, so we're having to move > to a system where we simply don't do that.
I'm voting in favor of the lynch mobs you mention later. No, I mean *really*. Two or three spammers getting shot; solve the problem right quick. :-) > I'm going to look and see if I can interface TMDA to the subscriber > databases so that subscribers are by definition whitelisted, but we've hit > the point where we have to do this. I'm not happy about it, but the war is > lost, I think. > > And speaking of privacy, harvesting and spamming, a new and disturbing thing > happened this weekend that I want to bring up -- one for which I have lots > of questions, but no real answers. A bunch of users on some of our mail > lists were spammed, and it became very clear very quickly that addresses > were harvested off of at least one of our mail lists. > > As you might guess, a lynch mob formed, and I lit the first virtual torch > and we all sharpened the pitchforks. Fortunately, the person who did it came > forward to me and admitted guilt, and explained what happened. > > And what happened is pretty damn disturbing. See, he had one of those "I > must tell the masses!" moments, where he finally felt it was time to send > out a call to arms on a subject he felt strongly about. > > So what he did was open up his address book and send his message to everyone > in it. And he's running one of these new e-mail clients that happily caches > addresses it sees in case you want them again. So all of the addresses of > people posting to the mailing lists he subscribed to were in his address > book cache, so when he grabbed his address book, he grabbed all of those > addresses, too. > > So we have a clear violation of our anti-harvesting rules -- yet he didn't > overtly harvest. He just grabbed what was in his address book at the time. > > This creates a major privacy quagmire. How do you set up rules for something > like that? Where does ownership and protection end? (I'm talking ethically, > not technically. I think we all realize that once someone posts email to a > list, you've given up control to anyone who doesn't feel obligated to follow > the rules). This wasn't a case of overtly violating the rules, but of a > piece of technology creating a situation where it wasn't understood there > were rules being violated. And this is a *perfect* case that supports what has been my assertion all along -- you non-Libertarians out there, cover your ears and sing -- *it's the recipient's problem*. This case is exactly the illustration I want: I couldn't have written one better from scratch. It's obvious that the answer is: setting up rules *would* *not* *have* *helped* *here*. Anyone who can demonstrate how it might have is welcome to post. If you send a message, it *has* to have a From address, and, to not violate the standards, that From address has to be valid. We all *want* that to be the case, right? So what are you going to do? Outlaw Outlook? :-) > I just don't know how to deal with the issues this address caching causes. The answer is that there is no answer. This might be the catalyst -- there had to be one eventually -- that inspires people to upgrade to Mail User Agents with sufficient flexibility to deal with problems like this. Automatically verifying PGP sigs as a whitelisting technique is merely one approach that springs to mind. There are many more. > Ultimately, we're going to have to rethink our "no harvesting" rules, and > likely also write disclaimers explaining what our limits are. We've actually > considered switching our lists to obscured addresses, turned that down as > being worse than the disease (for now). But now we're wondering if we have > to go to some sort of address cloaking ON lists, maybe some kind of address > remapping through the server for replies, something. And I'm gritting my > teeth at the developers who created those @#$@$#@$#23 caches (which are nice > in some ways) for not also creating some way to flag addresses as not > cacheable. Because, IMHO, that'd solve this problem. Yeah, but the Outhouse and OE teams aren't ever going there, and they're your problem. At some point, if you're going to *have* a mailnbox, you *have* to take responsibility for it. I stand on the non-enabler platform I've stood on before, as unpleasant as it is. In the end, I'm pretty sure there won't *be* any other options... > I'm curious what people think about this latest thing. The good news is he > wasn't trying to harvest us. The bad news is, he wasn't trying to harvest > us. And the b-tch of it is, I really don't have a comfortable feeling for > how to deal with this new situation yet... But I think it's an issue we have > to come to grips with. See above. ;-) > Are we hitting a point where mail list servers have to act as blind front > ends for all of the subscribers, where replies are processed by those > servers, and the server then takes on the job of acting as a > troll-exterminator and spam blocker? And what does that really mean for > things like Mailman? See less-above. I've had the same mailbox for 7 years; and *some* mailbox for just about 20. Until I was intemperate enough to put that email address into a poorly chosen slot, I got maybe a couple spams a day... and that address is on 5 or 6 domains, half a dozen web pages, and *ALL OVER* Usenet. And I *still* only got about half a dozen a day. Now, it's 25-50. People are known to say "it's not my fault", when, damnit, it *is* their fault. I'd say we need to make damned sure the problem is what we *think* it is before we "fix" that. Do you have documentary evidence, Chuq, that web harversters are the *only* way that *a majority* of the spam-complainers addresses could have gotten on those lists? Have you created test-accounts? Not 1 or 2; a couple dozen, in different places? > Happy Macworld Expo week, all. If you need me, I'll be in the war room, > beating my head against a wall. You've got a war room? Cool. Cheers, -- jra -- Jay R. Ashworth [EMAIL PROTECTED] Member of the Technical Staff Baylink RFC 2100 The Suncoast Freenet The Things I Think Tampa Bay, Florida http://baylink.pitas.com +1 727 647 1274 "If you don't have a dream; how're you gonna have a dream come true?" -- Captain Sensible, The Damned (from South Pacific's "Happy Talk") _______________________________________________ Mailman-Developers mailing list [EMAIL PROTECTED] http://mail.python.org/mailman-21/listinfo/mailman-developers
