[Mailman-Developers] Feature request
Chuq Von Rospach
Mon, 14 May 2001 20:32:17 -0700
On 5/14/01 6:05 PM, "Marc MERLIN" <firstname.lastname@example.org> wrote:
> Looking at it now, it's surprising that this hasn't happened sooner: SF's
> mailman was abused with someone creating a bogus project with a mailing list
> which was then used to subscribe about 10,000 people and then spam them into
It was going to happen sooner or later if you have people allowed to create
stuff without adult supervision.
This has been a continuing discussion in the list-managers area, because of
the problem of places like yahoo groups that allow this kind of thing.
Unfortunately, if you have a large population, administratively babysitting
them becomes really time intensive, so you have to find 'reasonable'
> - Have a config.db entry: allow web subscribes, that can only be changed by
> the mailman owner (i.e. master password, not list password)
This is one of the basic realities -- either disabling or limiting the size
of web imports until someone has been 'cleared' as a trusted admin. That
would mean some form of vetting procedure, which means a human body in
place to make sure things are legit. Until that happens, web-loads are
limited to small values (because, honestly, you don't want to bother with
small groups -- at worst, the damage is minimal, and most likely, someone
loading in 100 addresses isn't spamming; the larger the number, the less
likely it's legit).
Unfortunately, while we want to automate stuff, there are places where human
bodies have to step in, and having the human body in place solves 90% of the
problem, because the idiots won't bother trying -- unless they're really
stupid or really arrogant.
My idea is that permission is done on a per-admin basis. Once you've vetted
a guy on one list, you don't want to have to manually re-vet them on their
next list, and the next, and...
And without it, you're limited to 150 subscribers via auto-loads of any
sort, and to be vetted, you have to request permission, and you have to be
findable through a verifiable, non-free e-mail address. That means even if
the list is officially run from, say, email@example.com, you can't be vetted
as admin from there -- there has to be a "real" address, not a throwaway
one. And places like sourceforge get to define 'real' and 'throwaway' as
they see fit...
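The gating scheme sketched in the thread, as an added example that is neither Mailman's own code nor anything posted by the participants: a site-level registry with an "allow web subscribes" switch that only the site owner may flip, a cap on bulk loads by unvetted admins, and per-admin (not per-list) vetting granted only from an address whose domain is not on a site-defined throwaway list. The class and method names, the throwaway-domain set and the sample addresses are assumptions constructed for the example; the 150-address cap is the figure from the post.

```python
from dataclasses import dataclass, field

# Cap on auto-loads of any sort for admins who have not yet been vetted
# (the figure mentioned in the post).
UNVETTED_CAP = 150

# Site-defined set of free / throwaway mail domains; constructed sample values.
# A real deployment would maintain this list itself, as the post says.
THROWAWAY_DOMAINS = frozenset({"freemail.example", "throwaway.example"})


@dataclass
class SiteRegistry:
    """Hypothetical site-wide state shared by all lists on one Mailman host."""
    vetted_admins: set = field(default_factory=set)   # admins cleared site-wide
    web_subscribes_allowed: dict = field(default_factory=dict)  # per-list switch

    def set_allow_web_subscribes(self, listname: str, allowed: bool,
                                 site_owner: bool) -> None:
        """Flip the per-list switch; only the site (master) password may do so,
        never the list password."""
        if not site_owner:
            raise PermissionError("only the site owner can change this setting")
        self.web_subscribes_allowed[listname] = allowed

    def request_vetting(self, admin: str, contact_address: str) -> bool:
        """Vet an admin once for the whole site, but only from a 'real' address:
        a contact address on a throwaway domain is refused."""
        domain = contact_address.rpartition("@")[2].lower()
        if not domain or domain in THROWAWAY_DOMAINS:
            return False
        self.vetted_admins.add(admin.lower())
        return True

    def check_mass_subscribe(self, listname: str, admin: str,
                             addresses: list) -> tuple:
        """Return (allowed, reason) for a bulk web subscribe on listname."""
        if not self.web_subscribes_allowed.get(listname, False):
            return False, "web subscribes are disabled for this list"
        n = len(addresses)
        if admin.lower() in self.vetted_admins:
            return True, f"vetted admin; {n} addresses accepted"
        if n <= UNVETTED_CAP:
            return True, f"{n} addresses is within the unvetted cap of {UNVETTED_CAP}"
        return False, (f"{n} addresses exceeds the unvetted cap of {UNVETTED_CAP}; "
                       "request vetting from a non-throwaway address")
```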