[Mailman-Users] Re: [Mailman-Developers] How to remove X-Confirm-Reading requests from mail headers distributed by Mailman?

Brad Knowles brad.knowles at skynet.be
Fri Apr 2 22:10:30 EST 2004


At 6:57 PM -0800 2004/04/02, Lloyd F. Tennison wrote:

>  What makes you think it is Mailman?  It does not exist on any of my
>  lists, nor does it exist on the lists I receive from others - including
>  this list.  (View this source.) Check you MTA.  Maybe that is what is
>  doing it.  If Mailman is doing it it is somewhere not mentioned in the
>  documentation and does not do it in all setups.

	The problem that the OP is complaining about is that some other 
member of the list posted a message containing that header, and 
Mailman did not strip it out.  As a result, this header was passed 
unchanged to the recipients of the list, which could expose the 
privacy of the users who received the message but who are not 
publicly advertised as being members of the list (you can control 
whether or not your subscription is publicly visible).

	If the recipient MUA supported this header, then the original 
poster to the list could get responses back from a wide variety of 
people, with potentially damaging consequences.


	Imagine if the list were an online rape support group, and the 
person posting was a serial rapist, perhaps posing as someone else. 
They could easily get a list of potentially vulnerable targets which 
they could then go after, at least of the people who would be running 
the common MUA that recognizes this header, and are not computer 
savvy-enough to know how to turn this "feature" off.  That would tend 
to make them even better potential targets, and those are the only 
ones a potential serial rapist would be likely to be interested in 
anyway.

	It was probably just a spammer going out of their way to gather 
more mailing addresses for the mill, but I think you must concede the 
potential security weakness here.


	In this case, the weakness is not the fault of Mailman.  The 
weakness is the fault of the damn bloody stupid MUA and the 
criminally incompetent company that wrote it.

	However, since this is something that Mailman could potentially 
have protected against, people will expect that Mailman *must* do so, 
because we all know damn good and well that the unnamed company will 
never do anything useful when it comes to computer security.


	Myself, I can see this becoming a slippery slope, and I'm not 
sure we'd want to go down that route.  On the other hand, I can 
understand why some mailing list admins might insist on this feature.

	I'm beginning to think that Mailman should strip all incoming 
headers down to the bare minimum (leave "From:", "Subject:", "Cc:", 
"Received:", and that's about it), at least by default.

-- 
Brad Knowles, <brad.knowles at skynet.be>

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
     -Benjamin Franklin, Historical Review of Pennsylvania.

   SAGE member since 1995.  See <http://www.sage.org/> for more info.



More information about the Mailman-Developers mailing list