[Mailman-Developers] UI for Mailman 3.0 update
barry at list.org
Wed Jun 16 21:26:40 CEST 2010
On Jun 16, 2010, at 12:33 AM, Cristóbal Palmer wrote:
>Are you saying that no scripts/bots can automatically sign up for
>mailman lists? I get plenty of signups like "qneu456na at nanke62w.net"
>that suggest otherwise. I should take the time to log those and send
>them to you, perhaps? After my masters paper...
Only if I can send you all the bounces and unsubs I get every month on Mailman
>Okay... now that I've put all this energy into this explanation, I'll
>admit: spam to list owners, especially of the "Dear $LISTNAME owner,
>we at $SITENAME security need you to reset your password. Please find
>instructions in the attached .zip file..." were a much bigger problem
>a couple of years ago (surprisingly even after implementing SA) until
>I decided to block .zip and several other mime types at the MTA
>level. So if y'all have no interest in doing any reCAPTCHA
>integration, I'll just spend that much more time making anti-spam
>tweaks at the MTA level, and I'll field one or two more "I'm a
>moderator and I'm dealing with a lot of spam here" tickets every now
Two points: antispam defenses are always going to be better done in the MTA
upstream of Mailman. We may provide some hooks to allow integration with
SA/spambayes/clam/etc. but just seeing the cpu these take up on my measly
server I do not think I want such a check running on everything teh intarwebs
can throw at your lists domain.
Second, I intend to pass -owner email through a pipeline the way posted
messages go through, so you will at least have the opportunity to do some
content and other checks on the message before they're forwarded to the
>That's another point, come to think of it: I've had plenty of time and
>experience running a couple of decently-sized mailman installs, but
>what about the many, many people who have less experience running
>mailman? The easier we make it for them to make it hard on spammers,
Yes, we should be opinionated and make reasonable defaults so that it's easy
to install and run a working system, with good tradeoffs between usability,
functionality and security. These are not always easy tradeoffs to make.
>A final note: are there any published user studies on mailman? I see
>your ATEC '03 and LISA '98 presentations in the ACM portal, and I see
>http://www.gnu.org/software/mailman/otherstuff.html ... but nothing
>else turns up in google scholar. Please point me to other research on
>mailman and its user base if it exists. If it doesn't, maybe I need to
>make that happen....
Terri was talking at one point of contracting such research, and I think some
is being done as part of the GSoC work. None exists that I know of. If
you're offering, I'm sure we would love to have some additional solid
usability studies, especially focused on helping to guide Mailman 3 design.
>Thanks so much for all the work all of you do. It really is a pleasure
>and a privilege to be involved.
Thanks to you and everyone who contributes to Mailman development. It truly
is a great community.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 836 bytes
Desc: not available
More information about the Mailman-Developers