On Aug 25, 2009, at 1:35 AM, Stephen J. Turnbull wrote:
Rich Kulawiec writes:Pretending that address obfuscation in mailing list [or newsgroup] archives will have any meaningful effect on this process gives users a false sense of security and has zero anti-spam value.You're missing the point. Our (often non-technical) users demand this feature. Even our technical audience (see Siggy's parallel post forexample) perceives benefits from obfuscation, based on empirical tests.So you can explain why, in theory and in practice, obfuscation doesn't work. But the user base will (stubbornly, if you like) refuse to accept your logic.
As usual, Stephen hits the nail on the head.I can't disagree with much in Rich's post, and yet it's likely that we'll still obfuscate and/or conceal email addresses in the archives because users will demand it. You can and should educate them, but this is not a battle I wish to fight because I think we can't win it.
The costs of obfuscation are 1) increased code complexity; 2) denying legitimate third party uses. 1) is not insignificant. Regexp filters are tricky/impossible to get 100% right, but not too bad to get maybe 90% right. They are low fidelity because scanning headers isn't enough; people embed email addresses in all kinds of weird places in the body and HTML filtering is brain hurty. Obfuscation techniques will be busted so only concealment is future proof. This is all pretty boring coding though.
2) is more interesting. What kinds of uses are we talking about? You see a message in an archive from three years ago and you want to contact the OP about it? Why not just follow up and contact the mailing list? IOW, if there was an easy way to inject yourself into an old thread, perhaps one that was created before you joined the list, wouldn't that cover a large part of the use case?
Do you want to be contacted off-list for on-list topics? Well, things like an email forwarding service could solve that, although I think it's not worth the effort as much as the first use case. What other kinds of legitimate third party uses does obfuscation/concealment prevent?
-Barry
PGP.sig
Description: This is a digitally signed message part
_______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
