[Mailman-Users] Approve subscription requests via mail
LuKreme
kremels at kreme.com
Mon Nov 20 07:13:30 CET 2006
On 19-Nov-2006, at 22:00, Brad Knowles wrote:
> At 12:11 PM +0900 11/20/06, Stephen J. Turnbull wrote:
>> Just use the message's message id, munged into URI-compatibility if
>> necessary.
>
> Doesn't work. Too many MUAs out there use very non-specific strings
> for their message-ids, and you'd get too many collisions.
>
> At a minimum, I figured that you'd need to take certain standard
> headers which are almost always present (Date, Subject, From, To, Cc,
> Message-ID, etc...), generate a cryptographic hash (MD-5, SHA-1,
> SHA-256, or whatever else you feel sufficiently comfortable with),
> and that should be a good starting point. But it would still be just
> a starting point. You'd still have to have a collision
> detection/avoidance algorithm.
Well, you can have mailman generate a "X-Mailman-ID:" for outgoing
messages before it archives them or sends them to the list. That
way, you can guarantee that the ID is unique (use a message-id like
format with SomeHash at listname.domain.tld). Since that ID is part of
the message, it gives a perfect 1:1 relationship between the
individual message and the link to the archive of the message. In
fact, it can even BE a link to the archive of the message (but
please, make that a toggle-able feature).
> IMO, you don't want to do a crypto hash over the body of the entire
> message, because that would take longer to calculate, and would be
> less likely to survive transmission, translation, future changes to
> the message body filtering code,
It doesn't matter if the body changes AFTER the ID is generated. But
agreed, doing it over the whole message would take too long. How
about over the first 4096 bytes of the message+headers?
> etc.... You want to choose things
>> This scheme also has the advantage that you can predict the URL
>> having
>> only a copy of the message. So you could put the full URL of the
>> current message in the List-Archive header (if that doesn't
>> contravene
>> the RFC), or you could add an X-List-Archive-Current-Post-URL
>> header.
>
> Yup, that would be an additional useful feature.
Seems to make more sense to generate the code whilst the message is
'owned' by mailman and then there's nothing to worry about it being
munged in transit or on the other end.
--
"I don't care how much melanin you have in your skin nor who you
sleep with, you can't have my cheese."
More information about the Mailman-Users
mailing list