[Mailman-Users] Feature Request: Selective Mass Subscription

Krystal Zipfel zipfel at greenacrestechnology.com
Tue Jun 24 21:38:44 CEST 2008

(figures, apparently my mail program is one of those *broken* ones so 
apologies, this originally sent off list)

Hello Cyndi,

I do see where you are coming from, but abuse issues can go the opposite 
direction from your description, and usually does.

The host I work for does NOT turn off mass subscription capability (but 
also only provides the web interface). With that said, our abuse policy 
states that all users must be double-opt in. Whether this is done via 
Mailman or they're own script and database is up to the user, but they 
had better be able to provide proof that the subscriber was double-opt in.

The reason for this is simple. Most hosts providing Mailman (or similar 
package) do so on shared servers (our servers have up to 2000 lists per 
server). If *for any reason what-so-ever* a user's list causes an ISP to 
take notice, the ISP will most likely take notice by blocking that 
shared server affecting all 1999 other lists on that server. Most ISP's 
will then specifically request proof that the message was requested and 
not unsolicited, and the best (and yes, legal way) to prove that is if 
you have proof that the user was opted into the list TWICE.

In our eyes, the problem has nothing to do with some spammer mass 
subscribing users (we have NEVER had this problem, actually... unless 
the admin gets they're password compromised). It has everything to do 
with covering our customers butts. :-)

Just offering the other side of the issue.


Cyndi Norwitz wrote:
> Please let me know if I should post this elsewhere too.
> The Mass Subscribe feature has two settings: on and off.  Although Mailman
> was designed for users to self-install, and presumably they can trust
> themselves not to abuse it, the truth is that an awful lot of Mailman list
> owners do not have access to the full software, just the web interface.
> My use of Mailman is through my ISP, but there are other users who use
> software installed by a business group, university, or other entity.  My
> ISP has chosen to turn off Mass Subscribe.  Only the invite feature is
> left.
> I completely understand why they have done this and I have to concur.  They
> have thousands of users and hundreds of mailing lists.  The potential for
> abuse is great.  They did a mass subscribe for me when I transfered my
> lists from another provider, but they're not going to do one or two
> subscribers here, three or four there, and so on.
> It's a huge pain in the neck for users not to be able to add subscribers
> directly.  For my larger lists, I prefer subscribers to do it themselves,
> but I have the occasional person who just can't manage it.  But I also run
> smaller lists, including several for a nonprofit, and it's just
> embararssing that I can't add the board members and others who ask me to.
> My request is for an intermediate step that the provider can set.
> Something like subscribing one name at a time (so it's too much of a pain
> for a spammer to put in a thousand names) or up to 10 a day, or something
> that will make a large provider feel more comfortable but not completely
> remove the feature from the users.
> Thanks,
> Cyndi
> @ sonic.net
> ------------------------------------------------------
> Mailman-Users mailing list
> Mailman-Users at python.org
> http://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
> Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
> Unsubscribe: http://mail.python.org/mailman/options/mailman-users/zipfel%40greenacrestechnology.com
> Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

More information about the Mailman-Users mailing list