On 2/18/02 11:58 AM, "Damien Morton" email@example.com wrote:
I would suggest that a naïve/novice net user will be more familiar with web-based forms and web-based email than the email we know.
I did ten years of tech support.. Wanna bet?
You could, actually, be right. But making assumptions is a great way to screw it up. Thought, design and testing are the keys, not guessing.
The first is to enable users to engage list admins and have their problems sorted out, while discouraging or eliminating spam being sent to list admins. For this functionality, a web-based email form can be created. If you dont know the admins email address, you use the form to initiate your conversation.
Some form of obfuscating the email address is needed. But here's the problem. If you use a web-based form to send email to the admin, how do you email the admin to say "did you know your site is broken and none of your pages are working?"
If the form breaks, how do you contact the admin through the form?
That's sort of a worst-case scenario -- but it's also a rather practical one. It happens. So at some point, you need some kind of mailto. But once you do -- it opens you up for spam.
Finding the tradeoffs here is the fun part.
The second issue is to prevent the email addresses of list members from being harvested from the archives.
Short answer; archives go behind a password. You authenticate access. Don't go over-fancy with images and scan/replace stuff. Right now, I have a hardwired password. Once 2.1 hits beta, I plan on working towards a solution that authenticates in apache to a mailman-subscribed address. I simply haven't had time yet.