[Mailman-Developers] passwords in third party web archives, newsgroups

[Chuq Von Rospach]

At 7:00 PM -0500 11/5/00, Dan Riley wrote:
>Are the mailman developers at all concerned by
>
>http://www.google.com/search?q=mailman-owner+reminder+password
>http://x66.deja.com/=dnc/getdoc.xp?AN=641175690
>
>This is probably especially a problem with lists that were converted
>from another MLM,

It's an interesting issue. Mailman includes the X-No-Archive header 
in these messages, so anyone who's archiving them anyway isn't 
following the protocol. I'm not sure it's a major issue, and it's an 
end-user mis-behavior at that -- but it's still somewhat troubling 
that it gets into archives and search engines. I'm not sure what 
mailman can do to prevent end-users from shooting themselves in the 
foot here, though.

the passwords are a trivial issue to me. the REAL issue is you have 
mail lists putting up archives that are being put into global search 
engines -- and those archives are full of unprotected email addresses 
just waiting for the spam harvester bots. Compared to that, the 
passwords are nothing -- like dealing iwth a hangnail on a foot with 
gangrene.

and if the lists want their archives to be wide open like that, 
there's not a damn thing Mailman can do to save them from themselves. 
But as long as there are easily harvested email addresses in the 
search engines, the passwords simply aren't something I'm going to 
worry about.

-- 
Chuq Von Rospach - Plaidworks Consulting (mailto:chuqui@plaidworks.com)
Apple Mail List Gnome (mailto:chuq@apple.com)

Be just, and fear not.