[Mailman-Developers] Opening up a few can o' worms here...
Jay R. Ashworth
jra@baylink.com
Wed, 17 Jul 2002 00:22:53 -0400
On Tue, Jul 16, 2002 at 07:57:44PM -0700, Chuq Von Rospach wrote:
> On 7/16/02 5:49 PM, "Jay R. Ashworth" <jra@baylink.com> wrote:
> > On Tue, Jul 16, 2002 at 05:07:48PM -0700, Chuq Von Rospach wrote:
> >> in contact with the author of a message? If the archive is scrubbed, that
> >> info is gone. And (god forbid), you get into a legal tangle?
>
> > the archives by anything I know about -- you *are* familiar with the
> > term "retention policy", right? :-)
>
> True, but let me rephrase with the situation I should have used in the first
> place. Two of your users get into a fight on the list. One of them finally
> says some variation of "you are a dead man". Three weeks later, the other
> guy's house burns down because of arson, and all you have is an archive with
> no identifying information in it....
Well, ok... but in a case like that, your mailer logs would likely have
the appropriate information. But still, as rare as such a circumstance
is, I don't see that you have any moral obligation to be *that* prepared.
> >> archiving system (one file per message) via a perl script. We're about to
> >> take our new search engine out of beta with the thing, finally.
> >
> > I hope you're de heirarchicalizing the directories.
>
> I'm confused. What are you suggesting?
>
> (FWIW, our structure is <listname>/yyyy/mm/dd/)
That answers my question: I *knew* you knew better than to throw 30k
files in one directory...
> > Some places put spaces in mailbox names -- you'd better deal with
> > quoted LHS's.
>
> I know. That's one of the things we need to evaluate still.
Mutt's highlighting regexes are pretty decent, but I don't know that
*any* RE can match both quoted and non-quoted mailbox names reliably.
There's an argument going on somewhere else right now -- I thought it
was bugtraq, but I seem to have misplaced the message -- about whether
email addresses can have an RHS that terminates in a .
The poster says no way, I say that 2821 and 1034/5 say yes.
> > Well, no: reply-to should be ADDRESS-REMOVED-FOR-SECURITY, and the pain
> > should be pointed at the list admin.
>
> No, I don't agree. You still, at least in theory, want users to have a
> conversation. But by cloaking on the address, you are, effectively, forcing
> that conversation to go through the list under all circumstances. So
> reply-to should go to the list, not the admin.
No, I was merely trying to avoid people getting in the habit of
replying to lists; I disagree with munging even here. It sets a bad
example. But I'm a purist, and don't have to catch the bullets, so
what do I know?
> >> that step further, but you could also set it up so validated subscribers
> >> could get to the real addresses.
> >
> > That would be a bit helpful, but *does* fundamentally change what the
> > package is doing.
>
> Yeah. It's a fairly significant hunk o' code, AND it requires, basically,
> that '*@some.domain' be forwarded to the server for processing. Or at a very
> minimum, an LDAP lookup for valid addresses, because trying to manage that
> as an alias file or some static structure would be deadly.
I might have gotten list (ok, I was trying to type ' l o s t ' there,
but my hands refuse to cooperate; hell with it, it's a good pun)
here...
> >> using the remailer address in mail that leaves the site, but a subscriber
> >> could go to the list system and look a user up. That gets us away from the
> >> politics of the anonymous stuff.
> >
> > But conversely, if subs can see real addresses in real messages, you're
> > only one step away from the harvesting problem you mentioned earlier.
>
> Yes, but it keeps it out of those !@#$@%@$#@!@#@! automatic caches. And in
> theory, you could tell if someone started harvesting, because the system
> could be taught to watch for systematic walks through the database.
And you could actually verp the addresses, if you had enough
horsepower, making 'backtracing', per se, unnecessary -- you'd *know*
who sent the mail.
Debugging, of course, would be murder, and admin-dependent; you could
no longer do it from outside.
> > Chuq, it's obvious to me that that's not a good enough answer for you.
> > but I'm afraid, even though I know you've put at least one long reply
> > to me into trying to explain why not in the past, that I still don't
> > get it.
> >
> > Maybe it's me.
>
> No, it's that we're still hashing things out, and a number of things, in
> general, just aren't clear (or resolved)
Ok. I really *did* think it was just me. Glad to hear you don't.
(You have, IIRC, in the past. ;-)
> > But *why isn't this the recipients' problem*?
>
> Or more correctly, why isn't it ONLY the recipient's problem?
Point.
> Two reasons:
>
> 1) I (as the list admin to the recipient) am offering a service. I strongly
> believe that if I'm offering a service, I have an ethical (if not legal)
> responsibility to make that service as problem free as possible. To me, the
> alternative is the same as selling toasters that aren't UL approved because
> I feel it's the buyer's responsibilty to make sure they aren't electrocuted.
Hmmm... the difference in degree *is* a difference in sorts, IMHO (OC
spray isn't regulated nearly as severly as guns; you can't kill people
with it)... but go on:
> Now, I think it's ALSO the buyer's responsibilty to be aware of the risk of
> electrocution, but that doesn't remove the responsibility from me to not
> sell them a cheap, shoddy toaster.
Stipulated. But I don't believe that the toaster *is* cheap and shoddy
-- ie: that it's *your* responsibility -- merely because people break
into your house, and jam oversized bagels into your toaster repeatedly
until it won't hold toast anymore.
> 1.5)
Why I love geeks. ;-)
> Having said that as list admin -> recipient, iterate and I feel the
> same is true of "mail list developer" -> list admin. Because...
>
> 2) I feel it is a responsibility of the experts to do what they can to take
> care of the not-so-experts. Since we (the developers) are the experts. We
> have the ability to build systems to deal with this, and so I feel we
> should, so that people who aren't as capable can benefit as well. Saying
> "it's his responsibility" only works as long as "he" can ALSO do what we do
> and knows what we know, and that's clearly not a true assumption. So saying
> that is really not assigning responsibility, but ducking it. That doesn't
> means we ought to solve all of the problems in the universe, but we are the
> folks most qualified to understand and solve these things -- so we should.
Except that the spam isn't the *problem*. The *spammers* are.
Even when they get unreasonably strident, and scream for all the wrong
reasons -- and they so -- I still back the Second Amendment
absolutists, because history has proven that they *put that amendment
in there for a reason*.
The circumstances are much the same here.
If we relieve the pain on the recipients for free, then they will
*never* have an incentive to stop the problem at it's source. And I
don't believe that anyone can inflict that pain on the spammers like an
aroused citizenry.
It is largely because of RMS' intransigience on many points related to
Free Software that we have most of it, and most particularly Linux --
I really don't believe it would have happened at all except for the
developer-protection provided by the GPL.
Sometimes a cigar *is* just a cigar.
Sometimes, you've got to let junior take the fall.
> It's easy to say "every man for themselves" when you're at the top of the
> food chain, because you CAN do it. But I think it avoids the real
> responsibility by making the false assumption that it's just as simple for
> others to do it, too. If it was, we wouldn't be at the top of the food
> chain, wouldn't we? Instead, I see it as a rationalization to avoid having
> to do the work needed so that others can also use it.
Not at all. It's not a question of ease. Undertaking responsibility
is not easy. Probably the worst thing is taking a stand that so
strongly resembles merely a mediocre excuse for laziness. But, to
coin a phrase, I Am Not Making This Up.
Someone has to fix the problem. It has been proven to my satisfaction
that the technologists can't: it's not a technology-fix problem (so few
'problems' are). Someone has to get *pissed*.
That'd be the people with the mailboxes, Bob.
> If everyone had the same skill set, Jay, I'd agree with you. But they don't.
> And the nice thing is, some of those people are at the top of the food chain
> in other skillsets, and we get to benefit from what they know. And if they
> were all off trying to learn what we already know, they probably wouldn't
> have the time or energy to build things in their expertise we can benefit
> from, so it all evens out at the end.
I understand what you mean... but I still think you're shooting at the
wrong target.
> Imagine if Tim Berners-Lee was too busy writing spamblock software to invent
> the browser.... I see us leveraging our expertise as a way to make sure some
> other expert gets to leverage their expertise so that whatever they can
> invent actually gets invented -- rather than sidetracked by something we
> could have saved them from but didn't, because we were self-focused.
Fine.
But this isn't procmail, nor SpamAssassin; they're at the other end of
the hall; third and fifth doors on the right, respectively.
This is a mailing list program.
Put in hooks for such things, fine. Recommend them, great. Even
automatically install them. But, please: mechanism, not policy.
It's difficult to implement, but I think it's essential.
> >> All it takes is one. Have you seen these stories?
> >
> > I can synthesize some false-positive horror stories. But if you've got
> > a couple handy -- with real termination notices -- let 'er rip.
>
> I can't give any definite examples to protect the people involved, but I
> know of a couple of people who've had their careers significantly impacted
> because of this stuff. Maybe not fatal, but third degree burns.
The topic being false-positive-ly blocked "spam", aren't those evidence
for the prosecution, not the defense?
Letting spam through likely only gets you yelled at; accidentally
blocking important stuff gets you burned.
We are on the critical path, folks. I know you know that, but the
explicit reminder isn't going to get me fired. Fail-safe isn't just
for aerospace anymore.
Cheers,
-- jra
--
Jay R. Ashworth jra@baylink.com
Member of the Technical Staff Baylink RFC 2100
The Suncoast Freenet The Things I Think
Tampa Bay, Florida http://baylink.pitas.com +1 727 647 1274
"If you don't have a dream; how're you gonna have a dream come true?"
-- Captain Sensible, The Damned (from South Pacific's "Happy Talk")