On Mar 4, 2008, at 3:28 PM, Mark Sapiro wrote:
- Don't create backscatter aliases for subscribe/unsubscribe/etc by default. Nearly everyone uses web based signup.
Do you have data to back up this assertion?
Sure. I used to work for an ISP with 1400 lists and ~4 million
subscribers across them. I disabled all the backscatter aliases 4
years ago, and haven't heard a single complaint. I expected at least
one complaint, but never got one. (whining from people who I asked
to change their web page about their mailing list, but not a single
complaint from an actual user)
Even if we wanted to do this, it is non-trivial. All confirmation messages and their templates and translations would have to be changed to remove references to confirmation by email.
Text changes are trivial. Code changes require work/testing/etc.
- Discard or hold messages from non-subscribers by default.
The Defaults.py setting for DEFAULT_GENERIC_NONMEMBER_ACTION has been Hold from the beginning.
Perhaps you are thinking of the respond_to_post_requests setting.
*shrug* I don't remember the difference offhand. I don't run that
mailman instance any more, I just deal with the backscatter abuse
reports.
Do you object to any response at all, or just to responses that
include the original message text?
Any response sent to an innocent victim of forgery.
If the former, then you must object to DSNs from MTAs as well. If the latter, that is planned to be addressed in Mailman 2.2.
Of course we object to DSNs from MTAs. No shipping mailserver
currently sends DSNs to accepted mail by default. Most of them
haven't for like 10 years. And yes, we absolutely ban qmail from use
unless the person patches it to the moon to solve its problems.
--
Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source
and other randomness