-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mar 4, 2008, at 8:13 PM, Cristóbal Palmer wrote:
> On Tue, Mar 04, 2008 at 03:28:22PM -0800, Mark Sapiro wrote: >> >> The Defaults.py setting for DEFAULT_GENERIC_NONMEMBER_ACTION has been >> Hold from the beginning. > > We've recently set this to 3 (Discard) for new lists. Please explain > the argument for keeping the default as Hold for the long term. I > believe it should be Discard, but can think of at least one argument > for keeping the current default. I'd like to hear development team's > line. More and more lists are requiring membership for posting privileges, so I'm sympathetic to this change (but not for 2.1!). OTOH, I think there are ways that we can do this but still relax the constraint for well-known non-members. For example, in MM3 the data model has been improved so that you have a single user object that ties in all your subscriptions. No more multiple passwords or options (unless you want the latter), no more multiple accounts for each of your email addresses. What if in the future, your site had 1400 lists, the membership databases of which were driven from your site's membership rosters. Now, someone you've never heard of before posts to one of your lists. You probably discard this (although there /are/ arguments to be made for some lists holding these messages instead). But let's say that I join your site and register an email address. Now I post to one of your lists which I haven't explicitly subscribed to. But you know me so do you discard the message, hold it, or let it through? Let's say you hold it, and a list admin approves it, saying "hey this guy looks legit". Let's say you do this 5 times across 3 different lists. I'm probably not a spammer, right? So maybe now I can post to all your lists without being held. Anyway, it's things like this that I think can be used to help reduce spamming on the list while letting legitimate traffic through, without Mailman becoming spamassassin. OTOH, in MM3 it'll be much easier to integrate something like spamassassin than it is in MM2. I'm not saying that's a /good/ thing since spam still is better off getting caught in the MTA, but this kind of thing is possible. - -Barry -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) iEYEARECAAYFAkfPJycACgkQ2YZpQepbvXHQ8ACgiMNs46R8OcItJtjoCAbIQHaO a2AAnif160xr7GhjOWWQ6Qvcxle7f70R =TyH6 -----END PGP SIGNATURE----- _______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
