On Tue, Jul 16, 2002 at 10:58:00AM -0700, Chuq Von Rospach wrote:
One thing we're definitely doing is moving to a cloaked archive. Since we already distribute all archives out of HTTP, not FTP, we're working on a CGI that'll strip all e-mail information out of messages on the fly (among other things, like header cleanup and some trivial formatting fixes). The idea is simple -- we've finally hit the point where you can't put an e-mail address up on a public site under any cirucmstance safely, so we're having to move to a system where we simply don't do that.
I'm voting in favor of the lynch mobs you mention later.
No, I mean *really*.
Two or three spammers getting shot; solve the problem right quick.
:-)
I'm going to look and see if I can interface TMDA to the subscriber databases so that subscribers are by definition whitelisted, but we've hit the point where we have to do this. I'm not happy about it, but the war is lost, I think.
And speaking of privacy, harvesting and spamming, a new and disturbing thing happened this weekend that I want to bring up -- one for which I have lots of questions, but no real answers. A bunch of users on some of our mail lists were spammed, and it became very clear very quickly that addresses were harvested off of at least one of our mail lists.
As you might guess, a lynch mob formed, and I lit the first virtual torch and we all sharpened the pitchforks. Fortunately, the person who did it came forward to me and admitted guilt, and explained what happened.
And what happened is pretty damn disturbing. See, he had one of those "I must tell the masses!" moments, where he finally felt it was time to send out a call to arms on a subject he felt strongly about.
So what he did was open up his address book and send his message to everyone in it. And he's running one of these new e-mail clients that happily caches addresses it sees in case you want them again. So all of the addresses of people posting to the mailing lists he subscribed to were in his address book cache, so when he grabbed his address book, he grabbed all of those addresses, too.
So we have a clear violation of our anti-harvesting rules -- yet he didn't overtly harvest. He just grabbed what was in his address book at the time.
This creates a major privacy quagmire. How do you set up rules for something like that? Where does ownership and protection end? (I'm talking ethically, not technically. I think we all realize that once someone posts email to a list, you've given up control to anyone who doesn't feel obligated to follow the rules). This wasn't a case of overtly violating the rules, but of a piece of technology creating a situation where it wasn't understood there were rules being violated.
And this is a *perfect* case that supports what has been my assertion all along -- you non-Libertarians out there, cover your ears and sing -- *it's the recipient's problem*. This case is exactly the illustration I want: I couldn't have written one better from scratch.
It's obvious that the answer is: setting up rules *would* *not* *have* *helped* *here*. Anyone who can demonstrate how it might have is welcome to post. If you send a message, it *has* to have a From address, and, to not violate the standards, that From address has to be valid. We all *want* that to be the case, right?
So what are you going to do?
Outlaw Outlook?
:-)
I just don't know how to deal with the issues this address caching causes.
The answer is that there is no answer. This might be the catalyst -- there had to be one eventually -- that inspires people to upgrade to Mail User Agents with sufficient flexibility to deal with problems like this.
Automatically verifying PGP sigs as a whitelisting technique is merely one approach that springs to mind. There are many more.
Ultimately, we're going to have to rethink our "no harvesting" rules, and likely also write disclaimers explaining what our limits are. We've actually considered switching our lists to obscured addresses, turned that down as being worse than the disease (for now). But now we're wondering if we have to go to some sort of address cloaking ON lists, maybe some kind of address remapping through the server for replies, something. And I'm gritting my teeth at the developers who created those @#$@$#@$#23 caches (which are nice in some ways) for not also creating some way to flag addresses as not cacheable. Because, IMHO, that'd solve this problem.
Yeah, but the Outhouse and OE teams aren't ever going there, and they're your problem.
At some point, if you're going to *have* a mailnbox, you *have* to take responsibility for it.
I stand on the non-enabler platform I've stood on before, as unpleasant as it is. In the end, I'm pretty sure there won't *be* any other options...
I'm curious what people think about this latest thing. The good news is he wasn't trying to harvest us. The bad news is, he wasn't trying to harvest us. And the b-tch of it is, I really don't have a comfortable feeling for how to deal with this new situation yet... But I think it's an issue we have to come to grips with.
See above. ;-)
Are we hitting a point where mail list servers have to act as blind front ends for all of the subscribers, where replies are processed by those servers, and the server then takes on the job of acting as a troll-exterminator and spam blocker? And what does that really mean for things like Mailman?
See less-above.
I've had the same mailbox for 7 years; and *some* mailbox for just about 20. Until I was intemperate enough to put that email address into a poorly chosen slot, I got maybe a couple spams a day... and that address is on 5 or 6 domains, half a dozen web pages, and *ALL OVER* Usenet.
And I *still* only got about half a dozen a day.
Now, it's 25-50.
People are known to say "it's not my fault", when, damnit, it *is* their fault. I'd say we need to make damned sure the problem is what we *think* it is before we "fix" that.
Do you have documentary evidence, Chuq, that web harversters are the *only* way that *a majority* of the spam-complainers addresses could have gotten on those lists? Have you created test-accounts? Not 1 or 2; a couple dozen, in different places?
Happy Macworld Expo week, all. If you need me, I'll be in the war room, beating my head against a wall.
You've got a war room? Cool.
Cheers, -- jra
Jay R. Ashworth jra@baylink.com Member of the Technical Staff Baylink RFC 2100 The Suncoast Freenet The Things I Think Tampa Bay, Florida http://baylink.pitas.com +1 727 647 1274
"If you don't have a dream; how're you gonna have a dream come true?" -- Captain Sensible, The Damned (from South Pacific's "Happy Talk")