Re: [Zope-dev] zope-dev list policies

2004-06-24 Thread Mohsen Moeeni
Quoting Tim Peters [EMAIL PROTECTED]:

 I'm the list admin for zodb-dev, and don't have a preference.  If you do,
 and it's strong enough to scream it, shout.  The loudest screamer will win
 wink.  By default, I won't change the current policy (anyone can post
 here, member or not).
 

As the person who brough it up recently, I _have_ to scream 
for a +1 ;)

Notes:
- People can leave and enjoy their life even if the list
   is not members-only
- But it's better to do that because we receive less spams and
- Because we (wrongly) think spammers will have a harder life
   if we change to a members-only list
- So YES !

Cheers,
Mohsen,


___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] Re: zope-dev list policies

2004-06-24 Thread Casey Duncan
-1 on changing the list policy. I read and post to all of the public
lists through Gmane, which won't work if the policy is changed.

I rarely see spam get through list either (unless Gmane is filtering it
all out for me), so I fail to see the problem from that point of view.

-Casey

On Wed, 16 Jun 2004 21:24:07 -0400
Tim Peters [EMAIL PROTECTED] wrote:

 Over on the zope and zope-dev lists, there's currently agitation to
 make them members-only mailing lists.  The point is that spam could
 not get thru then (unless posted by a member).
 
 What would zodb-dev members like?
 
 Posting by a list member would not be affected, unless you attempted
 to send a message from an email account other than one you subscribed
 with.  In the latter case, your message would be bounced back to you.
 
 You could worm around that by subscribing to zodb-dev with that
 address too, then going to your list membership page on the web and
 checking the box to suspend email delivery on that account.  Then you
 could post using that account too, but wouldn't also get zodb-dev
 email on that account.
 
 I'm the list admin for zodb-dev, and don't have a preference.  If you
 do, and it's strong enough to scream it, shout.  The loudest screamer
 will winwink.  By default, I won't change the current policy (anyone
 can post here, member or not).


___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] zope-dev list policies

2004-06-24 Thread Leonardo Rochael Almeida
+1 for member-only posting

On Wed, 2004-06-16 at 22:24, Tim Peters wrote:
 Over on the zope and zope-dev lists, there's currently agitation to make
 them members-only mailing lists.  The point is that spam could not get thru
 then (unless posted by a member).
 
 What would zodb-dev members like?
 [...]
-- 


___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] bug day?

2004-06-24 Thread Leonardo Rochael Almeida
This next Friday (25th) is the last friday of the month. Are we going to
have a bugday?

Cheers, Leo


___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] Re: Re: CatalogBrains since Zope2.7.1b1

2004-06-24 Thread Santi Camps
   Security was tightened for getObject recently as part of a general
   refactor of that code. I am happy to consider whether the security is
   too tight, in which case it could be backed off a bit.
   Previously getObject performed no security checks and returned objects
   for catalog results regardless of security permissions (it used
   unrestrictedTraverse). I switched it to use restrictedTraverse which
   checks security all the way down on all of the containing folders and on
   the final object itself. This is how path expressions work, for
   example.
I think this new security checks could be a problem in some cases.  They are Ok when 
using restricted code, but from trusted code I'm not sure that force to use 
restrictedTraverse could be considered a goal.
For instance, imagin an application with employees of one department managing dossiers 
with economic data inside.  Employees of accounting department shouldn't have access 
to these dossiers objects, but they need to obtain some reports with a sum of all 
dossiers economic data.   So, accounting department users shouldn't have access to 
dossiers objects, but from reports trusted code these dossiers need to accessed.
I think a possible solution could be an additional optional parameter of .getobject 
used from trusted code when unrestrictedTraverse want to be used.  What do you think  ?
Regards
Santi Camps


___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] zope-dev list policies

2004-06-24 Thread Andrew Sawyers
Leonardo Rochael Almeida wrote:
+1 for member-only posting
On Wed, 2004-06-16 at 22:24, Tim Peters wrote:
 

Over on the zope and zope-dev lists, there's currently agitation to make
them members-only mailing lists.  The point is that spam could not get thru
then (unless posted by a member).
What would zodb-dev members like?
[...]
   

+1
I propose this policy extends to all ZC managed community lists.
Andrew Sawyers
--
Zope Corporation
Software Engineer
(540) 361-1700
___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] Re: zope-dev list policies

2004-06-24 Thread Tres Seaver
Leonardo Rochael Almeida wrote:
On Mon, 2004-06-21 at 11:59, Casey Duncan wrote:
-1 on changing the list policy. I read and post to all of the public
lists through Gmane, which won't work if the policy is changed.

I might be wrong but I think this is incorrect. From the headers of this
message you sent it's possible to see that you sent it thru gmane, yet
the From: address is your zope.com address, so you should not have a
problem posting thru the list this way.

I think you got a direct reply (but could be wrong).  I got the original 
mail bounced to me just now.

Tres.
--
===
Tres Seaver[EMAIL PROTECTED]
Zope Corporation  Zope Dealers   http://www.zope.com
___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] test: ignore

2004-06-24 Thread Andrew Sawyers
test
--
Zope Corporation
Software Engineer
(540) 361-1700
___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] Re: zope-dev list policies

2004-06-24 Thread Leonardo Rochael Almeida

On Mon, 2004-06-21 at 11:59, Casey Duncan wrote:
 -1 on changing the list policy. I read and post to all of the public
 lists through Gmane, which won't work if the policy is changed.


 
 I rarely see spam get through list either (unless Gmane is filtering it
 all out for me), so I fail to see the problem from that point of view.
 
 -Casey
 
 On Wed, 16 Jun 2004 21:24:07 -0400
 Tim Peters [EMAIL PROTECTED] wrote:
 
  Over on the zope and zope-dev lists, there's currently agitation to
  make them members-only mailing lists.  The point is that spam could
  not get thru then (unless posted by a member).
  
  What would zodb-dev members like?
  
  Posting by a list member would not be affected, unless you attempted
  to send a message from an email account other than one you subscribed
  with.  In the latter case, your message would be bounced back to you.
  
  You could worm around that by subscribing to zodb-dev with that
  address too, then going to your list membership page on the web and
  checking the box to suspend email delivery on that account.  Then you
  could post using that account too, but wouldn't also get zodb-dev
  email on that account.
  
  I'm the list admin for zodb-dev, and don't have a preference.  If you
  do, and it's strong enough to scream it, shout.  The loudest screamer
  will winwink.  By default, I won't change the current policy (anyone
  can post here, member or not).
 
 
 ___
 Zope-Dev maillist  -  [EMAIL PROTECTED]
 http://mail.zope.org/mailman/listinfo/zope-dev
 **  No cross posts or HTML encoding!  **
 (Related lists - 
  http://mail.zope.org/mailman/listinfo/zope-announce
  http://mail.zope.org/mailman/listinfo/zope )
-- 

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope.Com Geeks] Re: [Zope-dev] zope-dev list policies

2004-06-24 Thread Ken Manheimer
I noticed this when it went initially went by, but didn't have time to 
follow up.  The upshot is that there is absolutely no way *under the 
current arrangement* that this is going to happen.  I can see a way to 
swing it, requiring earnest volunteer effort.  Here are the details.

Being the administrator of many of the zope lists (probably over ten and 
below twenty), i am already dismayed by the challenge of the typically 
thirty to one hundred held spam messages, bounces, and other effluvia i 
have to handle *per day*.  I do not know how many of the legitimate list 
messages would additionally be held and require more attention (with the 
current mailman implementation, it takes a lot more fuss to approve a held 
message than to discard it), but the load is already untenable, so one 
more is too many.

There is an option, however.  It's possible to add moderators to lists, 
separate from list administration privileges.  I would be willing to set 
the lists to hold non-member postings, *if* there were volunteer 
moderators that would actually take care of some significant portion of 
the load - ie, i would not have to approve one non-member (alternate 
address) posting.  (I would not mind occasionally approving a 
non-member/alt-addr posting if the volunteers reduced the spam/bounce 
handling efforts in the process.)

That's the situation.  Are there people that would be willing to volunteer 
for moderation duties?  (Say which lists when you reply - and make sure to 
cc me directly, since i can't read most of the lists i moderate.)

Ken
On Thu, 24 Jun 2004, Andrew Sawyers wrote:
Leonardo Rochael Almeida wrote:
+1 for member-only posting
On Wed, 2004-06-16 at 22:24, Tim Peters wrote:

Over on the zope and zope-dev lists, there's currently agitation to make
them members-only mailing lists.  The point is that spam could not get 
thru
then (unless posted by a member).

What would zodb-dev members like?
[...]

+1
I propose this policy extends to all ZC managed community lists.
Andrew Sawyers

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope.Com Geeks] Re: [Zope-dev] zope-dev list policies

2004-06-24 Thread Andrew Sawyers
Ken Manheimer wrote:
I noticed this when it went initially went by, but didn't have time to 
follow up.  The upshot is that there is absolutely no way *under the 
current arrangement* that this is going to happen.  I can see a way to 
swing it, requiring earnest volunteer effort.  Here are the details.

Being the administrator of many of the zope lists (probably over ten 
and below twenty), i am already dismayed by the challenge of the 
typically thirty to one hundred held spam messages, bounces, and other 
effluvia i have to handle *per day*.  I do not know how many of the 
legitimate list messages would additionally be held and require more 
attention (with the current mailman implementation, it takes a lot 
more fuss to approve a held message than to discard it), but the load 
is already untenable, so one more is too many.

Why would we hold non-member postings for review?  Why not simply 
outright reject them?
Andrew

--
Zope Corporation
Software Engineer
(540) 361-1700
___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope.Com Geeks] Re: [Zope-dev] zope-dev list policies

2004-06-24 Thread Ken Manheimer
What proportion of the list traffic comes from valid members who are 
posting from alternate accounts?

On Thu, 24 Jun 2004, Andrew Sawyers wrote:
Ken Manheimer wrote:
I noticed this when it went initially went by, but didn't have time to 
follow up.  The upshot is that there is absolutely no way *under the 
current arrangement* that this is going to happen.  I can see a way to 
swing it, requiring earnest volunteer effort.  Here are the details.

Being the administrator of many of the zope lists (probably over ten and 
below twenty), i am already dismayed by the challenge of the typically 
thirty to one hundred held spam messages, bounces, and other effluvia i 
have to handle *per day*.  I do not know how many of the legitimate list 
messages would additionally be held and require more attention (with the 
current mailman implementation, it takes a lot more fuss to approve a held 
message than to discard it), but the load is already untenable, so one more 
is too many.

Why would we hold non-member postings for review?  Why not simply outright 
reject them?
___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope.Com Geeks] Re: [Zope-dev] zope-dev list policies

2004-06-24 Thread Andrew Sawyers
Ken Manheimer wrote:
What proportion of the list traffic comes from valid members who are 
posting from alternate accounts?
A huge percentage was - I don't know how much is making it through to 
the lists though.  I'm hearing a lot of complaints from people either 
third party, seeing it in IRC or from emails off the lists.

I've recently added an increased amount of header and body checks which 
were not being applied yesterday as well as increased spam reject 
features.  This should help - in any event now that it's being blocked 
at the MTA, Mailman's load on the server has went from 2 -3 to ~.5 on 
the server in the last hour.
Andrew

On Thu, 24 Jun 2004, Andrew Sawyers wrote:
Ken Manheimer wrote:
I noticed this when it went initially went by, but didn't have time 
to follow up.  The upshot is that there is absolutely no way *under 
the current arrangement* that this is going to happen.  I can see a 
way to swing it, requiring earnest volunteer effort.  Here are the 
details.

Being the administrator of many of the zope lists (probably over ten 
and below twenty), i am already dismayed by the challenge of the 
typically thirty to one hundred held spam messages, bounces, and 
other effluvia i have to handle *per day*.  I do not know how many 
of the legitimate list messages would additionally be held and 
require more attention (with the current mailman implementation, it 
takes a lot more fuss to approve a held message than to discard it), 
but the load is already untenable, so one more is too many.

Why would we hold non-member postings for review?  Why not simply 
outright reject them?


--
Zope Corporation
Software Engineer
(540) 361-1700
___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope.Com Geeks] Re: [Zope-dev] zope-dev list policies

2004-06-24 Thread Ken Manheimer
On Thu, 24 Jun 2004, Andrew Sawyers wrote:
Ken Manheimer wrote:
What proportion of the list traffic comes from valid members who are 
posting from alternate accounts?
A huge percentage was - I don't know how much is making it through to the 
lists though.  I'm hearing a lot of complaints from people either third 
party, seeing it in IRC or from emails off the lists.

I've recently added an increased amount of header and body checks which were 
not being applied yesterday as well as increased spam reject features.  This 
should help - in any event now that it's being blocked at the MTA, Mailman's 
load on the server has went from 2 -3 to ~.5 on the server in the last hour.
Andrew
Huh?  I was specifically talking about the legitimate postings, valid 
members who are posting from alternate accounts, sounds like you're 
talking about spam.

On Thu, 24 Jun 2004, Andrew Sawyers wrote:
Ken Manheimer wrote:
I noticed this when it went initially went by, but didn't have time to 
follow up.  The upshot is that there is absolutely no way *under the 
current arrangement* that this is going to happen.  I can see a way to 
swing it, requiring earnest volunteer effort.  Here are the details.

Being the administrator of many of the zope lists (probably over ten and 
below twenty), i am already dismayed by the challenge of the typically 
thirty to one hundred held spam messages, bounces, and other effluvia i 
have to handle *per day*.  I do not know how many of the legitimate list 
messages would additionally be held and require more attention (with the 
current mailman implementation, it takes a lot more fuss to approve a 
held message than to discard it), but the load is already untenable, so 
one more is too many.

Why would we hold non-member postings for review?  Why not simply outright 
reject them?



___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope.Com Geeks] Re: [Zope-dev] zope-dev list policies

2004-06-24 Thread Andrew Sawyers
Ken Manheimer wrote:
On Thu, 24 Jun 2004, Andrew Sawyers wrote:
Ken Manheimer wrote:
What proportion of the list traffic comes from valid members who are 
posting from alternate accounts?

A huge percentage was - I don't know how much is making it through to 
the lists though.  I'm hearing a lot of complaints from people either 
third party, seeing it in IRC or from emails off the lists.

I've recently added an increased amount of header and body checks 
which were not being applied yesterday as well as increased spam 
reject features.  This should help - in any event now that it's being 
blocked at the MTA, Mailman's load on the server has went from 2 -3 
to ~.5 on the server in the last hour.
Andrew

Huh?  I was specifically talking about the legitimate postings, valid 
members who are posting from alternate accounts, sounds like you're 
talking about spam.

Yeah, I was.  Misunderstood.  Others will have to answer this for 
themselves.  I've said my peace - so that's enough for me.
Andrew

--
Zope Corporation
Software Engineer
(540) 361-1700
___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] bug day?

2004-06-24 Thread Chris Withers
Leonardo Rochael Almeida wrote:
This next Friday (25th) is the last friday of the month. Are we going to
have a bugday?
Yes, sorry, I've been slack announcing it, but just done now...
Chris
--
Simplistix - Content Management, Zope  Python Consulting
   - http://www.simplistix.co.uk
___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


RE: [Zope.Com Geeks] Re: [Zope-dev] zope-dev list policies

2004-06-24 Thread Tim Peters
[Ken Manheimer]
 I noticed this when it went initially went by, but didn't have time to
 follow up.  The upshot is that there is absolutely no way *under the
 current arrangement* that this is going to happen.  I can see a way to
 swing it, requiring earnest volunteer effort.  Here are the details.

I think you have something different in mind than was being discussed.
Members only comes in several flavors.  You seem to have the ... and
non-member posts are held for moderator review flavor in mind.  That wasn't
suggested.  Two other flavors were:

- ... and non-member posts are rejected.  No messages are held for
  moderator review then.  A would-be poster with a legitimate email
  address gets an auto-generated rejection reply msg.  Since most
  rejection msgs would go to bogus addresses on spam and virus
  email, m.z.o gets another bounce back for most attempts to send a
  rejection reply.

- ... and non-member posts are discarded.  No messages are held for
  moderator review then.  Non-member posts go to the bit bucket, without
  comment or recourse.

 Being the administrator of many of the zope lists (probably over ten and
 below twenty), i am already dismayed by the challenge of the typically
 thirty to one hundred held spam messages, bounces, and other effluvia i
 have to handle *per day*.  I do not know how many of the legitimate list
 messages would additionally be held and require more attention (with the
 current mailman implementation, it takes a lot more fuss to approve a
 held message than to discard it), but the load is already untenable, so
 one more is too many.

 There is an option, however.  It's possible to add moderators to lists,
 separate from list administration privileges.  I would be willing to set
 the lists to hold non-member postings, *if* there were volunteer
 moderators that would actually take care of some significant portion of
 the load - ie, i would not have to approve one non-member (alternate
 address) posting.  (I would not mind occasionally approving a
 non-member/alt-addr posting if the volunteers reduced the spam/bounce
 handling efforts in the process.)

In my (limited but real wink) experience, this doesn't work.  Without a
single clear owner, postings held for review eventually grow to unmanageable
bulk.  Nobody enjoys the moderation task, it does consume time, and when
there are multiple moderators they all eventually reach a point of believing
that someone else can handle it for a while.  After a few days go by like
that, a co-moderator who is able to make some time logs in and finds such a
backlog that they decide they have more urgent work to attend to.  Then it
snowballs out of control.  We had a clear example of this about a month ago,
when the backlog of python-help messages waiting for review reached
thousands.  At that point the only realistic option was to discard all of
them, effectively making python-help the ... and non-member posts are
discarded list flavor.

The only ... and non-member posts are held for review list I moderate that
works is the PSF Board mailing list.  That works because I'm the only
moderator, legit traffic on it is very light, and I know enough Visual Basic
to automate the reject/approve process without leaving Outlook wink.

 ...
 That's the situation.  Are there people that would be willing to
 volunteer for moderation duties?  (Say which lists when you reply - and
 make sure to cc me directly, since i can't read most of the lists i
 moderate.)

The rub is that mailing lists are open 24 hours per day, 365.2425 days per
year, and virus/spam traffic keeps increasing.  Good intentions get crushed
by that reality.

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] Re: CatalogBrains since Zope2.7.1b1

2004-06-24 Thread Dieter Maurer
Casey Duncan wrote at 2004-6-18 09:58 -0400:
 ...
Security was tightened for getObject recently as part of a general
refactor of that code. I am happy to consider whether the security is
too tight, in which case it could be backed off a bit.

I think, you should only require access rights to the object itself
and not to all folders from the root to the object.

It is not uncommon that upper levels are more restricted than
subhierarchies. This is what Zope's URL traversal
allows: Only the object identified by URL traversal is
accessed checked.

That ZCatalog identifies objects by physical path is an implementation
artifact. It should not make it impossible to access an
object via the catalog that otherwise can be accessed without
problem.

 ...
For hysterical raisins, REQUEST.traverse() does not behave this way. It
instead checks only the final object traversed.
That's a good behaviour...

-- 
Dieter
___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


RE: [Zope.Com Geeks] Re: [Zope-dev] zope-dev list policies

2004-06-24 Thread Ken Manheimer

On Thu, 24 Jun 2004, Tim Peters wrote:
[Ken Manheimer]
I noticed this when it went initially went by, but didn't have time to
follow up.  The upshot is that there is absolutely no way *under the
current arrangement* that this is going to happen.  I can see a way to
swing it, requiring earnest volunteer effort.  Here are the details.
I think you have something different in mind than was being discussed.
Members only comes in several flavors.  You seem to have the ... and
non-member posts are held for moderator review flavor in mind.  That wasn't
suggested.  Two other flavors were:
- ... and non-member posts are rejected.  No messages are held for
 moderator review then.  A would-be poster with a legitimate email
 address gets an auto-generated rejection reply msg.  Since most
 rejection msgs would go to bogus addresses on spam and virus
 email, m.z.o gets another bounce back for most attempts to send a
 rejection reply.
- ... and non-member posts are discarded.  No messages are held for
 moderator review then.  Non-member posts go to the bit bucket, without
 comment or recourse.
In either mode, essentially, list members would be able to get postings to 
the list only from their registered account.  I don't have a confident 
guess about whether that would be prohibitive to any or many.  I suppose 
we could try it and see whether how it sits with people.

There's also the incidental considerations - both modes have drawbacks.
As you point out, non-member-posting-rejection increases the incidental 
mail spew being sent to zope.org, not insignificantly.

Non-member-posting-discard mode means some percentage of posters will have 
their postings discarded, and some percentage of those will fail to notice 
it never showed.  I think that kind of failure mode leads to really bad, 
insidious problems, and don't think it's an acceptable kind of noise to 
put into a system, so i would be a solid -1 on it.

So i could see giving a try to non-member-posts-rejected, if the 
membership thinks the added inconvenience is worth the reduced spam.  I 
have the impression, though, that the spam on most of the high-traffic
zope.org maillists is relatively low-proportion.  Am i mistaken?

[...]
There is an option, however.  It's possible to add moderators to lists,
separate from list administration privileges.  I would be willing to set
the lists to hold non-member postings, *if* there were volunteer
moderators that would actually take care of some significant portion of
the load - ie, i would not have to approve one non-member (alternate
In my (limited but real wink) experience, this doesn't work.  Without a
single clear owner, postings held for review eventually grow to unmanageable
bulk.  Nobody enjoys the moderation task, it does consume time, and when
there are multiple moderators they all eventually reach a point of believing
that someone else can handle it for a while.  After a few days go by like
that, a co-moderator who is able to make some time logs in and finds such a
backlog that they decide they have more urgent work to attend to.  Then it
snowballs out of control.  We had a clear example of this about a month ago,
when the backlog of python-help messages waiting for review reached
thousands.  At that point the only realistic option was to discard all of
them, effectively making python-help the ... and non-member posts are
discarded list flavor.
Well, that's useful info.
The only ... and non-member posts are held for review list I moderate that
works is the PSF Board mailing list.  That works because I'm the only
moderator, legit traffic on it is very light, and I know enough Visual Basic
to automate the reject/approve process without leaving Outlook wink.
Reject (actually, discard) is pretty easy - you just have to reply to a 
particular attachment in the held-message notice.  (I **wish** the 
confirmation message for the discard would indicate that a discard 
happened - instead, it says Confirmation succeeded, which is nearly 
worse than no feedback at all, because it sounds like my discard 
instrucation was taken as an approval.  But i haven't taken the time to do 
anything about it, sigh.)  Never tried approval-via-reply, since i'm 
afraid of screwing up the header, and mostly don't have to do emailled 
approvals, anyway.

Ken
[EMAIL PROTECTED]
___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope.Com Geeks] Re: [Zope-dev] zope-dev list policies

2004-06-24 Thread Michael Bernstein
Ken Manheimer wrote:
I noticed this when it went initially went by, but didn't have time to 
follow up.  The upshot is that there is absolutely no way *under the 
current arrangement* that this is going to happen.  I can see a way to 
swing it, requiring earnest volunteer effort.  Here are the details.

Being the administrator of many of the zope lists (probably over ten and 
below twenty), i am already dismayed by the challenge of the typically 
thirty to one hundred held spam messages, bounces, and other effluvia i 
have to handle *per day*.  I do not know how many of the legitimate list 
messages would additionally be held and require more attention (with the 
current mailman implementation, it takes a lot more fuss to approve a 
held message than to discard it), but the load is already untenable, so 
one more is too many.
I believe the proposal wasn't to *hold* non-member emails, but to bounce 
them or discard them, so your workload should actually be reduced.

--
- Michael R. Bernstein  |  Author of Zope Bible
  michaelbernstein.com  |   Zope.org Webmaster
 panhedron.com  |PythonPhotos.org
___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] Re: zope-dev list policies

2004-06-24 Thread Michael Bernstein
Casey Duncan wrote:
-1 on changing the list policy. I read and post to all of the public
lists through Gmane, which won't work if the policy is changed.
Umm... Why wouldn't this work? Isn't Gmane a subscriber?
--
- Michael R. Bernstein  |  Author of Zope Bible
  michaelbernstein.com  |   Zope.org Webmaster
 panhedron.com  |PythonPhotos.org
___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


RE: [Zope.Com Geeks] Re: [Zope-dev] zope-dev list policies

2004-06-24 Thread Tim Peters
[Ken Manheimer]
 In either mode, essentially, list members would be able to get postings
 to the list only from their registered account.

Or accounts.  When I've faced a list like this as a user, I've subscribed
multiple times, once from each account I'm likely to post from, but set the
no delivery option on all but the primary (IMO) subscription.  This is
something users can do on their own.

 I don't have a confident guess about whether that would be prohibitive
 to any or many.  I suppose we could try it and see whether how it sits
 with people.

So far, the people who post from only one account have insisted it won't
make real trouble for anyone wink.  I don't know how it works for people
posting from gmane.

 There's also the incidental considerations - both modes have drawbacks.

Yes, but all modes have drawbacks, including the status quo.

 ...
 So i could see giving a try to non-member-posts-rejected,

That would actually lighten *our* (list admin) loads.  Nobody is sympathetic
to that except us, of course.  Even with the current open list policy, I
still get a ridiculous number of messages held for review.

 if the membership thinks the added inconvenience is worth the reduced
 spam.

There won't be consensus on this.  Votes on zodb-dev have been about
evenly split, and I don't expect that will change.

 I have the impression, though, that the spam on most of the high-traffic
 zope.org maillists is relatively low-proportion.  Am i mistaken?

No idea -- my personal SB filter spares me from seeing almost all junk email
from all sources, and I get a few hundred of them per day.  By far the
biggest source is bounces to [EMAIL PROTECTED], due to viruses and spam
forged to appear as if sent from [EMAIL PROTECTED]  Compared to that
load, every other source is in the noise for me.

 ...
 Reject (actually, discard) is pretty easy - you just have to reply to a
 particular attachment in the held-message notice.

Approval is the same process (at least under a current-enough Mailman),
except you need to put an

Approved: list password

line in the headers, or as the body of the reply.  My VBA code knows the
list passwords for the various mailing lists, and discard/approve is just a
matter of clicking a button for me (one button for discard, another for
approve).  It still takes real time to open and review the messages Mailman
is asking about, though.

 (I **wish** the confirmation message for the discard would indicate
 that a discard happened - instead, it says Confirmation succeeded,
 which is nearly worse than no feedback at all, ...

Even worse, it says exactly the same thing for an approved message.  But
wouldn't Barry be a better recipient for this rant wink?

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] Re: Zope-Dev Digest, Vol 11, Issue 23

2004-06-24 Thread St├ęphane JULIEN
Attention!

  It seems you have got a virus on your machine!
  Please make sure you have the latest update of your virus scanner
  and check all your files right away!

Take care,
 [EMAIL PROTECTED]

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] BP server

2004-06-24 Thread Bill
Title: New Page 1







We 
offer Bullet-Proof dedicated servers:

  

  
Two 
IPs
512MB RAM DDR
P
36 GB SCS
Dedicated 100 M fiber
Unlimited Data Transfer
Linux/Windows/FreeBSD

  
  
Three 
IPs
1024MB RAM DDR
P / Two CPU
72 GB SCS
Dedicated 100 M fiber
Unlimited Data Transfer
Linux/Windows/FreeBSD

  
  
Dynamic 
IP
1024MB RAM DDR
P / Two CPU
72 GB SCS
Dedicated 100 M fiber
Unlimited Data Transfer
Linux/Windows/FreeBSD

  


  
Price: 
No setup fee
 US$ 599.00/month
  
  
Price: 
No setup fee
 US$ 799.00/month
  
  
Price: 
No setup fee
 US$ 999.00/month
  

  

More 
Information

We can supply Target Email Addresses according to your requirements, and
send out Target Emails for you (Or Fax Broadcasting).

For more information, contact us:[EMAIL PROTECTED] 
or [EMAIL PROTECTED]

Looking forward to serving you in the near future.

Cheers!

Mr Bell
Sales Support


Receiving this email because you registered to receive special offers from us.
Please click here to off:[EMAIL PROTECTED]





___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


RE: [Zope.Com Geeks] Re: [Zope-dev] zope-dev list policies

2004-06-24 Thread Mohsen Moeeni
Quoting Tim Peters [EMAIL PROTECTED]:

 
 No idea -- my personal SB filter spares me from seeing almost all junk email
 from all sources, and I get a few hundred of them per day.  By far the
 biggest source is bounces to [EMAIL PROTECTED], due to viruses and spam
 forged to appear as if sent from [EMAIL PROTECTED]  Compared to that
 load, every other source is in the noise for me.

Just a quick note. Even if all members use anti-spam 
software to solve their spam problems, spams will still
reside in the archives and make there dirty -I beleive-
almost forever (unless you install a spam-filter for the
archives too)

Mohsen,
___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] No place like home

2004-06-24 Thread capital advisor



  

  
  
  Hello
  dejEar homHe owner,
  We 
  ha2wve bee/n n"oti%fied that you[r
  mortgagoe ra`te is fvi`xe}d at a very
  hig+h inJterest r!ate. Therefore you ar&e
  cu.rrent ove)rpaying, wh|ic_h s*uMwms-uDp to
  thcRousZDands of dollCyars annually .
  
  Luckily
  for you w@e c-an
  guarantee th[e lowest rat;es
  in the UXK.S. (3#.50*%). Swo hurry becfsause
  the raSZtse forecast is n!ot loo0k$ing good! 
  
  There iuvs no obl!igations,
  anWd iht Fg0REE
  
  Lock on the 3.5*0%, e|ven
  with bad credvit!
  


  



Clic8k Here Nygow Fo1Or De!tail:s
  


  

  

  





REMKOVE HE$RE



___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )