Charles Marcus wrote:
You replied on list, so I will too...
Not really a very wise idea. When I use my @python.org e-mail address
(which I very rarely do), I speak from a position of a certain amount of
authority on the subject.
If you want to try to have a civilized private conversation with us on the
subject, we can probably find a way to do that.
But if you continue to aggressively and publicly challenge us on our own
mailing list over a topics that were considered dead and buried years ago,
the only likely outcomes are ones that you probably will not like.
though, most discussion lists -
for most people, using the most popular mail clients - operate much more
smoothly when Reply-to munging is implemented.
In your experience. And how many decades have you been specializing in
Internet e-mail systems administration?
How many of the screwed-up MUAs that we talk about have you actually
encountered? None?
So, it is out of ignorance that you say everyone should completely and
totally ignore our advice?
Do you really want to use ignorance as your only defense?
*My* point was simply pointing out that there *is a preference setting*
in the Mailman GUI for changing this, so if someone *wants* to change
it, they obviously *can* - so what difference does the *default* make?
The default makes a huge difference. Ask Microsoft.
In my experience, over 90% never change the defaults on the software they
install, whether you're talking about our mailing list management software
or anything else.
If those defaults are not secure, then they are not secure -- again, go talk
to Microsoft.
There are lots of admins out there who are capable of doing an "apt-get
mailman" (or whatever), and not much beyond that. Therefore, we have to be
extra careful in terms of what is enabled or disabled by default.
There are battered womens shelters who use our software, and some of those
battered women literally do have stalkers coming after them. There are
dissident groups in authoritarian countries that use our software, and some
of those dissident groups really do have the secret police coming after them.
These kinds of things are always in the backs of our minds as we develop and
maintain our software, and while we won't necessarily leave out certain
features of our software just because it could be dangerous if
mis-configured, we certainly do keep in mind the fact that we should
probably ship those features disabled by default.
But as strongly as we hold our views that Reply-To: munging should not be
done, we do acknowledge that there are certain limited circumstances where
it might potentially be acceptable to do this kind of munging -- like when a
company is running an internal discussion list and they want to force all
their employees to keep all replies on the list. And if those employees
screw up and post sensitive private information on the list, then the only
thing at risk is their jobs, and the jobs of any others who might have also
been accidentally exposed.
So, we allow people like you to choose to configure your software
differently. Why can you not accept that we choose to configure the default
for this option to be disabled?
Do you really want to take that fascist approach with us, where we hold an
opinion but we allow you to speak, but you do not in return allow us the
same courtesy?
Sorry, but this isn't true for any mail client I've ever used... ever
heard of copy/cut/paste? Yeah, it requires some manual labor, rather
than clicking a button, but it can still be done.
Just because you have not encountered something does not mean it does not
exist. There are those of us who've actually been around for a while who
have seen all sorts of seriously weird crap.
And your claim that you've never run into this weird crap is not proof that
this weird crap does not and cannot exist.
If someone is dumb enough to send information of such a nature without
actually *looking* at where it is going, then yeah, they might actually
be required to pay the consequences...
Then you be the one to try to explain that to their surviving family
members. Go back to the top of this response and re-read the part where I
talked about who some of our customers are for this software.
And no, as much as I might like to, I'm not going to provide those family
members with firearms, so that they can demonstrate to you the danger that
their dear departed one faced.
I did... I just believe that it is *ideally* correct, but
*realistically* incorrect,
I'm glad you feel privileged that you are the only person on the planet who
should be allowed to define what reality is.
--
Brad Knowles <[EMAIL PROTECTED]>
Member of the Python.org Postmaster Team & Co-Moderator of the
mailman-users and mailman-developers mailing lists
------------------------------------------------------
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Security Policy:
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
