[Mailman-Developers] Advanced user reputation/moderation features

Barry Warsaw barry at list.org
Wed Jan 20 23:51:32 CET 2010 

On Jan 19, 2010, at 05:42 PM, Marlon Menezes wrote:

>An alternate approach to moderation could be via a "user reputation score"
>as is often found in many web based discussion forums. A person with a
>higher user reputation score could have fewer restrictions posed on him, in
>terms of the number of posts (say per unit of time) without moderation,
>before he gets flagged for manual moderation. At this stage, it is not my
>intent to propose an a specific mathematical algorithm, but rather to bring
>out general concepts.

First I'm going to explain how we do something similar in Launchpad[1], then I
can talk about how we might go about this in Mailman 3.

In Launchpad, we do several things to reduce the moderation burden while not
opening up lists to too much spam.  One advantage we have in Launchpad is that
we accept no email from unregistered or unvalidated email addresses.  Now,
this is site-wide so once you've registered and validated your email address
to Launchpad, then you can potentially email any mailing list, even ones you
are not a member of.  Before that, we summarily reject your message.  The
validation step is of course important, because once you're registered with
Launchpad you can add more email addresses, but you can't really use them
until they've been validated via mail-back confirmation.

Okay, that's the first step, and it can do a pretty good job of reducing
crap.  Next, if you are a member of the mailing list, we allow your message to
go through.  Because list moderators have tools at their disposal to punish
abusers we think this is generally a fine trade-off.  I'm less concerned about
allowing one bad message if you can boot the offender off your list or ban
them permanently if they persist.  IOW, I'd rather punish the rare bad apple
than impose additional burdens on the vast majority of good ones.

Let's say you post to a mailing list that you are not a member of, what
happens?  Well, the first time you post to it, your message gets held for
moderator approval.  This is very similar to what happens in Mailman today.
The difference is that if the moderator approves your post, you then your
subsequent messages to that mailing list are not moderated.  The numbers can
be tweaked, but the idea is the same: if you prove yourself by posting some
good messages a few times, we don't need to moderate you any more.

Taking this concept further, if you post to three different mailing lists that
you are not a member of, and your held message gets approved each time with no
rejections, we think you're probably okay in general and will let you post to
any mailing list without moderation, regardless of whether you're a member or
not.  See, your reputation is improving so you get more privileges.

Each user in Launchpad also has a concept of "standing", which the admins can
set but users cannot see or influence.  There are essentially four levels of
standing: excellent, good, unknown, and poor.  If your standing is poor, we
summarily discard your messages.  If your standing is good or better, then
your posts go through without moderation.  So one of the tools we have to
punish abusers is to set their standing to "poor" and wave goodbye.

Now, even though Launchpad is backed by Mailman 2, most of the data for this
is in Launchpad, so stock Mailman 2 can't really do this.  The main reason is
that Mailman 2 doesn't have any global concept of a user.  It's a complete
silo per mailing list.  Mailman 3 fixes this architectural limitation so we
could potentially record the same standing data and posting history in Mailman
3 and use very similar posting rules.  I think this would help sites that run
many mailing lists (e.g. python.org).

I could even see other moderation rules implemented as plugins.  Mailman 3 has
a more robust architecture, with separate pipelines for moderation and
modification of messages.  The rule chains that handle moderation could easily
be extended to look for any of the above criteria, as well as any other
user reputation scores you can dream up.

This all works great in theory, with of course the fundamental problem of
email: without digital signatures, it's completely spoofable.  Every byte of
data that Mailman can possibly look at can be forged, so it could make a
completely reasonable decision based on false data, and then you're pretty
much SoL.  In practice, this doesn't seem to be a big problem, but really
paranoid sites with knowledgeable users could require that all messages be
digitally signed in order to even be considered for acceptance.  Personally,
I'd love to see that become the normal across the board, but I'm not holding
my breath. ;)

I hope that helps in understanding where my current thinking on the subject
is.  While the framework for implementing the above exists and works in the
current Mailman 3 alphas, the actual reputation code isn't there.  That's
something that focused (and funded?) development work could push forward.

-Barry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://mail.python.org/pipermail/mailman-developers/attachments/20100120/67ab89bc/attachment.pgp>

More information about the Mailman-Developers mailing list