Y'all,
In my study of my mailing lists today (both new in MM 2.1, and upgraded from 2.0.13), I made the sad discovery that
generic_nonmember_action = 0
for **all** of my lists. The "bend over and take spam" setting. I noticed that DEFAULT_GENERIC_NONMEMBER_ACTION is set to one in Mailman/Defaults.py, but I don't think this setting works properly. If it did work properly, I would argue that the default should be 2 (reject), not 1 (hold for administrator). Why should the list administrator be bothered with having to tend admin requests from spammers and other idiots?
Jeff A. Earickson, Ph.D Senior UNIX Sysadmin and Email Guru Information Technology Services Colby College, 4214 Mayflower Hill, Waterville ME, 04901-8842 phone: 207-872-3659 (fax = 3076)
Why should the list administrator be bothered with having to tend admin requests from spammers and other idiots?
Jeff,
I assume this is because people are generally more concerned about false positives in spam-checking than they are with having to glance at a few admin requests. I suppose most people would probably be content with rejecting or even discarding the messages, so long as a copy is forwarded to the moderator to make sure it wasn't a valid post, but I know that for most of my lists, I would prefer generic_nonmember_action to by Hold. I assume that administrators of sites that have much higher volumes of spam and whatnot would prefer your suggestion, but I think that administrators of small sites don't have to deal with spam as much.
At any rate, I don't know if the default is great or not, but I support it. I think I might be awfully annoyed if I had just set up Mailman, set up my first list, and my first attempt to send a message to it was automatically rejected, because I'd sent the message from a different e-mail account than I signed up to the list, and because I hadn't read through the many many pages of options for the list.
::shrug:: Just thought I'd toss out my two cents.
Greg
greg@gregwestin.com http://www.gregwestin.com/ Contact info: http://www.gregwestin.com/contact.php
On Wednesday, January 15, 2003, at 02:12 PM, Jeff A. Earickson wrote:
Why should the list administrator be bothered with having to tend admin requests from spammers and other idiots?
Because enough things have changed between 2.0 and 2.1 without changing the default for handling non-member posts.
Bryan
"JAE" == Jeff A Earickson <jaearick@colby.edu> writes:
JAE> In my study of my mailing lists today (both new in MM 2.1,
JAE> and upgraded from 2.0.13), I made the sad discovery that
JAE> generic_nonmember_action = 0
JAE> for **all** of my lists. The "bend over and take spam"
JAE> setting. I noticed that DEFAULT_GENERIC_NONMEMBER_ACTION is
JAE> set to one in Mailman/Defaults.py, but I don't think this
JAE> setting works properly. If it did work properly, I would
JAE> argue that the default should be 2 (reject), not 1 (hold for
JAE> administrator). Why should the list administrator be
JAE> bothered with having to tend admin requests from spammers and
JAE> other idiots?Mailman isn't an anti-spam program, although it has some modest anti-spam defenses. Since there are lots of anti-spam programs out there, it should be pretty easy to install a good anti-spam program upstream of Mailman. I just gave a talk at the MIT spam conference about our approach and will be putting our slides up on the web somewhere soon (probably on spamconference.org -- not sure yet).
BTW, on the train to said conference, I got working a prototype integration of Mailman and spambayes, and I'll probably be checking this into cvs when I get back <wink>. I'd label it as an interesting experiment, but whether it'll be useful remains to be seen. I doubt it will eliminate the need for other upstream spam catching tools.
-Barry
On Sat, 18 Jan 2003 15:43:06 -0500 Barry A Warsaw <barry@python.org> wrote:
:looks pointedly at TMDA (especially for the control addresses).
-- J C Lawrence ---------(*) Satan, oscillate my metallic sonatas. claw@kanga.nu He lived as a devil, eh? http://www.kanga.nu/~claw/ Evil is a name of a foeman, as I live.
Why should the list administrator be bothered with having to tend admin requests from spammers and other idiots?
Jeff,
I assume this is because people are generally more concerned about false positives in spam-checking than they are with having to glance at a few admin requests. I suppose most people would probably be content with rejecting or even discarding the messages, so long as a copy is forwarded to the moderator to make sure it wasn't a valid post, but I know that for most of my lists, I would prefer generic_nonmember_action to by Hold. I assume that administrators of sites that have much higher volumes of spam and whatnot would prefer your suggestion, but I think that administrators of small sites don't have to deal with spam as much.
At any rate, I don't know if the default is great or not, but I support it. I think I might be awfully annoyed if I had just set up Mailman, set up my first list, and my first attempt to send a message to it was automatically rejected, because I'd sent the message from a different e-mail account than I signed up to the list, and because I hadn't read through the many many pages of options for the list.
::shrug:: Just thought I'd toss out my two cents.
Greg
greg@gregwestin.com http://www.gregwestin.com/ Contact info: http://www.gregwestin.com/contact.php
On Wednesday, January 15, 2003, at 02:12 PM, Jeff A. Earickson wrote:
Why should the list administrator be bothered with having to tend admin requests from spammers and other idiots?
Because enough things have changed between 2.0 and 2.1 without changing the default for handling non-member posts.
Bryan
"JAE" == Jeff A Earickson <jaearick@colby.edu> writes:
JAE> In my study of my mailing lists today (both new in MM 2.1,
JAE> and upgraded from 2.0.13), I made the sad discovery that
JAE> generic_nonmember_action = 0
JAE> for **all** of my lists. The "bend over and take spam"
JAE> setting. I noticed that DEFAULT_GENERIC_NONMEMBER_ACTION is
JAE> set to one in Mailman/Defaults.py, but I don't think this
JAE> setting works properly. If it did work properly, I would
JAE> argue that the default should be 2 (reject), not 1 (hold for
JAE> administrator). Why should the list administrator be
JAE> bothered with having to tend admin requests from spammers and
JAE> other idiots?Mailman isn't an anti-spam program, although it has some modest anti-spam defenses. Since there are lots of anti-spam programs out there, it should be pretty easy to install a good anti-spam program upstream of Mailman. I just gave a talk at the MIT spam conference about our approach and will be putting our slides up on the web somewhere soon (probably on spamconference.org -- not sure yet).
BTW, on the train to said conference, I got working a prototype integration of Mailman and spambayes, and I'll probably be checking this into cvs when I get back <wink>. I'd label it as an interesting experiment, but whether it'll be useful remains to be seen. I doubt it will eliminate the need for other upstream spam catching tools.
-Barry
On Sat, 18 Jan 2003 15:43:06 -0500 Barry A Warsaw <barry@python.org> wrote:
:looks pointedly at TMDA (especially for the control addresses).
-- J C Lawrence ---------(*) Satan, oscillate my metallic sonatas. claw@kanga.nu He lived as a devil, eh? http://www.kanga.nu/~claw/ Evil is a name of a foeman, as I live.
participants (5)
-
barry@python.org -
Bryan Fullerton -
Greg Westin -
J C Lawrence -
Jeff A. Earickson