[Mailman-Developers] passwords in third party web
archives, newsgroups
Chuq Von Rospach
chuqui@plaidworks.com
Mon, 6 Nov 2000 11:03:08 -0800
At 7:00 PM -0500 11/5/00, Dan Riley wrote:
>Are the mailman developers at all concerned by
>
>http://www.google.com/search?q=mailman-owner+reminder+password
>http://x66.deja.com/=dnc/getdoc.xp?AN=641175690
>
>This is probably especially a problem with lists that were converted
>from another MLM,
It's an interesting issue. Mailman includes the X-No-Archive header
in these messages, so anyone who's archiving them anyway isn't
following the protocol. I'm not sure it's a major issue, and it's an
end-user mis-behavior at that -- but it's still somewhat troubling
that it gets into archives and search engines. I'm not sure what
mailman can do to prevent end-users from shooting themselves in the
foot here, though.
the passwords are a trivial issue to me. the REAL issue is you have
mail lists putting up archives that are being put into global search
engines -- and those archives are full of unprotected email addresses
just waiting for the spam harvester bots. Compared to that, the
passwords are nothing -- like dealing iwth a hangnail on a foot with
gangrene.
and if the lists want their archives to be wide open like that,
there's not a damn thing Mailman can do to save them from themselves.
But as long as there are easily harvested email addresses in the
search engines, the passwords simply aren't something I'm going to
worry about.
--
Chuq Von Rospach - Plaidworks Consulting (mailto:chuqui@plaidworks.com)
Apple Mail List Gnome (mailto:chuq@apple.com)
Be just, and fear not.