
On 2/20/02 9:31 AM, "Jay R. Ashworth" <jra@baylink.com> wrote:
But I still think it's important to keep firmly uppermost in our minds here that the spam is not *caused* by the mailing list.
Nor is it caused by Google.
It's *caused* by the spammers.
And burglary is not caused by my owning nice things, either. It's caused by burglars. But that's no excuse to not put locks on the doors.
I realize that we have practical considerations to deal with which are much closer to our feet, but I think that it's quite important that we don't lose sight of the forest for the trees.
See, here's our disagreement here. You're saying "put the damn burglars in jail already!" and I'm saying "I agree, but until that's done, I still think I'm installing that deadbolt on the front door".
You're right, Jay, but does being right matter? Unless you know how to stop the spammers, it's a Pyrrhic victory -- because it does nothing to protect yourself from the spammers.
Even with a good deadbolt, burglaries still happen. Is that an excuse not to put the deadbolt on in the first place? No.
I personally can't think of any method of programmatically obscuring email addresses that can't be programmatically reversed.
Have you seen what slashdot is doing? I think it has promise, because while it's still reversible programmatically, it makes it much more difficult to do. Will they still get harvested? Most likely. But not nearly as quickly as most other sites, and it's going to make the spambots crazy trying to eat each page looking to figure out if it knows which obfuscation to de-obfuscate.
But I've been thinking about this, and I want to throw a couple of ideas out. I'm speaking just of the admin-access issue, not archives.
Admin-access has three components to it, all in conflict.
1. The list admin needs to be accessible to everyone, not just subscribers.
2. The list admin shouldn't be an open target to spam.
3. Someone has to be accessible for problem reports even if the Mailman system is malfunctioning.
That third point is a bit of a shift. I've come to the thought (and we can argue it) that LIST admins don't need to be accessible if MAILMAN fails. The MAILMAN admin does. And I think the chances are good that the MAILMAN admin is more likely than not also the person who gets abuse@, root@, postmaster@, so the SITE admin mailbox is already wide open to all these idiots. Making it wide open to mailman spam simply isn't significant.
That, basically, allows us to stuff mailtos somewhere pointing to an address you can mail to to report site failures. I'll even go farther and say that address can simply be on a web page, not linked to a Mailto, and if you really, really want, obscure it further as a JPG or something. But I think that's all overkill, given that spammers now automatically spam root/postmaster/etc on domains anyway.
That takes care of the "access in case of failure" mode, mostly by, frankly, simply anointing ONE person (the site admin) as "it" for open access. Not great, but it's sure better than making all admins deal with it.
That then allows us to deal with (1) and (2). Which means we can now put admin access behind some kind of web interface. And - we already have 80% of that, in the current admin interface.
So I recommend this:
You no longer advertise admin's real addresses. Instead, you advertise a feedback that sends messages to the admin, to discourage mailing directly. A year ago, I probably would have insisted on SOME kind of email contact point, but frankly -- the percentage of users who can't use a web page is pretty much zero now.
When you contact a list admin, that message is sent in like existing admin stuff -- to the mailman/admindb/listname page.
The admin stuff is extended to not only handle moderation requests, but also to handle admin email, allowing an admin to delete, respond, send a standard form letter, forward, or whatever.
And since 2.1 has better filtering capabilities, we get those filtering capabilities for free on incoming admin email. And this stuff isn't thrown in an admin's mailbox -- it's dealt with as part of the normal admin list functions, reducing the interruption/hassle factor. And the admin addresses won't end up in spammer databases, because they no longer exist.
Thoughts? It's not perfect, but now only one guy is "it", and the admins are accessible but protected -- and can better separate their list-admin "me" from their real "me" on top of it. And the site admin is more likely IMHO to be capable of managing their mailbox from spam than forcing all list admins to learn how to do that...