[Mailman-Users] Re: [Mailman-Developers] How to remove X-Confirm-Reading requests from mail headers distributed
brad.knowles at skynet.be
Fri Apr 2 22:10:30 EST 2004
At 6:57 PM -0800 2004/04/02, Lloyd F. Tennison wrote:
> What makes you think it is Mailman? It does not exist on any of my
> lists, nor does it exist on the lists I receive from others - including
> this list. (View this source.) Check your MTA. Maybe that is what is
> doing it. If Mailman is doing it it is somewhere not mentioned in the
> documentation and does not do it in all setups.
The problem that the OP is complaining about is that some other
member of the list posted a message containing that header, and
Mailman did not strip it out. As a result, this header was passed
unchanged to the recipients of the list, which could expose the
privacy of the users who received the message but who are not
publicly advertised as being members of the list (you can control
whether or not your subscription is publicly visible).
If the recipient MUA supported this header, then the original
poster to the list could get responses back from a wide variety of
people, with potentially damaging consequences.
Imagine if the list were an online rape support group, and the
person posting was a serial rapist, perhaps posing as someone else.
They could easily get a list of potentially vulnerable targets which
they could then go after, at least of the people who would be running
the common MUA that recognizes this header, and are not computer
savvy enough to know how to turn this "feature" off. That would tend
to make them even better potential targets, and those are the only
ones a potential serial rapist would be likely to be interested in.
It was probably just a spammer going out of their way to gather
more mailing addresses for the mill, but I think you must concede the
potential security weakness here.
In this case, the weakness is not the fault of Mailman. The
weakness is the fault of the damn bloody stupid MUA and the
criminally incompetent company that wrote it.
However, since this is something that Mailman could potentially
have protected against, people will expect that Mailman *must* do so,
because we all know damn good and well that the unnamed company will
never do anything useful when it comes to computer security.
Myself, I can see this becoming a slippery slope, and I'm not
sure we'd want to go down that route. On the other hand, I can
understand why some mailing list admins might insist on this feature.
I'm beginning to think that Mailman should strip all incoming
headers down to the bare minimum (leave "From:", "Subject:", "Cc:",
"Received:", and that's about it), at least by default.
Brad Knowles, <brad.knowles at skynet.be>
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.
SAGE member since 1995. See <http://www.sage.org/> for more info.
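The header stripping discussed in this message, as an added example that is not Mailman's code and was not posted in this thread. It assumes the header in question is spelled X-Confirm-Reading-To on the wire, and it treats Disposition-Notification-To and Return-Receipt-To as the same class of receipt-request header; both are assumptions, not something the thread states. The "bare minimum" variant keeps a few more headers than the four named above (Date, Message-ID, To, MIME-Version, Content-Type and so on), because without those the redistributed message will not parse as the poster sent it. The sample message is constructed.

```python
"""Strip read-receipt request headers from a list post before it is
redistributed, optionally cutting every header not on an allowlist.
Added example; not Mailman's own Cleanse handler."""
import email
from email.message import Message

# Headers that ask the recipient's MUA to send something back to the
# original poster.  X-Confirm-Reading-To is the one discussed in the
# thread; the other two are assumed here to belong to the same class
# (Return-Receipt-To, and Disposition-Notification-To from RFC 3798).
RECEIPT_REQUEST_HEADERS = frozenset((
    "x-confirm-reading-to",
    "disposition-notification-to",
    "return-receipt-to",
))

# Allowlist for the "bare minimum" variant.  It extends the headers
# named in the post with the ones a message cannot lose and still be
# delivered or parsed: addressing, threading and MIME structure.
MINIMAL_ALLOWLIST = frozenset((
    "from", "to", "cc", "subject", "date", "message-id", "received",
    "in-reply-to", "references",
    "mime-version", "content-type", "content-transfer-encoding",
))


def receipt_headers_present(raw: str) -> list:
    """Detection side: which receipt-request headers does a raw post carry?"""
    msg = email.message_from_string(raw)
    found = {name.lower() for name in msg.keys()
             if name.lower() in RECEIPT_REQUEST_HEADERS}
    return sorted(found)


def strip_receipt_requests(msg: Message) -> list:
    """Remove every receipt-request header in place; return the names removed."""
    removed = set()
    # list() because deleting while iterating over msg.keys() is unsafe;
    # msg.keys() repeats a name once per occurrence, del removes them all.
    for name in list(msg.keys()):
        if name.lower() in RECEIPT_REQUEST_HEADERS:
            del msg[name]
            removed.add(name.lower())
    return sorted(removed)


def restrict_to_allowlist(msg: Message, allow=MINIMAL_ALLOWLIST) -> list:
    """Remove every header not in allow (case-insensitive); return names removed."""
    removed = set()
    for name in list(msg.keys()):
        if name.lower() not in allow:
            del msg[name]
            removed.add(name.lower())
    return sorted(removed)


def sanitize(raw: str, bare_minimum: bool = False) -> Message:
    """Parse a raw post and return it with receipt requests removed.
    With bare_minimum=True, also drop everything outside MINIMAL_ALLOWLIST."""
    msg = email.message_from_string(raw)
    strip_receipt_requests(msg)
    if bare_minimum:
        restrict_to_allowlist(msg)
    return msg


# Constructed sample post: carries two receipt-request headers plus an
# X-Mailer header that only the allowlist variant removes.
SAMPLE = """\
Received: from mx.example.invalid by list.example.invalid; Fri, 2 Apr 2004 10:00:00 -0800
From: poster@example.invalid
To: list@example.invalid
Subject: hello
Date: Fri, 2 Apr 2004 10:00:00 -0800
Message-ID: <abc@example.invalid>
X-Confirm-Reading-To: poster@example.invalid
Disposition-Notification-To: poster@example.invalid
X-Mailer: SomeMUA 1.0
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii

body
"""

if __name__ == "__main__":
    print("receipt requests in sample:", receipt_headers_present(SAMPLE))
    print(sanitize(SAMPLE, bare_minimum=True).as_string())
```

receipt_headers_present() is the piece a list admin would wire into logging, so that a poster who keeps sending receipt requests to the list can be spotted rather than silently cleaned up; sanitize() is the piece that goes in the delivery pipeline. The allowlist variant is deliberately separate: dropping an unknown header is safe, dropping Content-Type is not, which is why the "bare minimum" here is wider than the four headers named in the post.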