[Mailman-Users] Major problems with privacy and mailman lists and harvesters
Brad Knowles
brad at shub-internet.org
Tue May 27 06:56:43 CEST 2008
On 5/26/08, Steve Murphy wrote:

> Agreed. But I'm not at all for any kind of obfuscation. I'm for
> removal. If we do a good job of subtracting email addresses from
> outgoing messages, and out of the archives, eventually the spammers
> will give up on lists so configured.

Other than anonymization, we can't really mess with the outgoing
messages. You would be destroying information that could not be
retrieved or recreated, and if one of the recipients wanted to reply
to all of the other recipients (including non-list participants),
they would not be able to do so.

We could certainly do more within the "cooked" archives, however. Of
course, in that case the list admin would have to protect the raw
archives from being downloaded, and right now there's no way to
prevent that from within Mailman. You can choose whether or not to
advertise the raw archives, but even if they're not advertised,
someone who knows how to construct the appropriate URL can still
download them.

So there are multiple security-related things that could be done to
further protect the archives, at least as an option for the list
admin.

Of course, you, as a subscriber, would have no control over what would
be done with your e-mail once it's posted to the list -- that would
be up to the people who administer the list and what archive security
options they choose to select.

This might potentially be something we could fix in Mailman3 (where
each user could control on a per-list and per-sender address basis
what is done to/with their e-mail addresses within the archives), but
I don't think anyone has put any serious thought into that particular
issue.

> I **thought** I understood the basics of email workings.
> What I'm targeting is the "From ", and "From:" headers.

What you call the "From " header is not actually a header. It's the
envelope sender information, and is not necessarily recorded anywhere
within the message itself. You can't muck with that, unless you want
your message thrown away as spam.

Also, you can't really muck with the header "From:" field, unless you
want your message thrown away as spam.

> Instead of them
> giving the actual email of the original submitter, they could simply say
> "whateverlist at lists.whateverdomain.com" -- in other words, set the from
> addr to the list address itself.

That's called "list anonymization". However, this is controlled on a
per-list basis, and as a user you have absolutely no control over
this process whatsoever.

Moreover, there are some pretty serious costs with list
anonymization. Trust me, you really don't want to turn this on
unless you know exactly what you're doing and why.

> What's not-doable about this? Am I missing something? I can be incredibly
> dense at times, and miss some pretty obvious laws of nature. Feel free to
> correct me.

With regards to the messages actually being transmitted, that's
basically all we can do.

> IIRC, the spammers forge the From addresses all the time, and the emails
> get delivered.

Yeah, but they don't care if 99.9999999999999999999999% of their
messages get thrown away as spam, so long as that last tiny fraction
gets through.

In contrast, your users would probably be pretty upset if any
significant fraction of the messages being sent by your list were to
get thrown away as spam.

--
Brad Knowles <brad at shub-internet.org>
LinkedIn Profile: <http://tinyurl.com/y8kpxu>
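
The distinction drawn in the message above between the "From " line and the "From:" header, and the idea of removing addresses only from the "cooked" archive copy, can be illustrated as follows. This is an added example, not part of the original post and not Mailman's own code; the function names, the placeholder text and the sample message are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: one message as it might sit in a raw mbox archive.
RAW_MBOX = """\
From alice@example.org Tue May 27 06:56:43 2008
From: Alice Example <alice@example.org>
To: whateverlist@lists.example.com
Subject: Re: harvesters

Please cc bob@example.net on replies.
"""

# Deliberately simple address pattern; good enough for display scrubbing.
ADDR = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")

def split_envelope(raw):
    """Separate the mbox 'From ' separator line from the message itself."""
    first, _, rest = raw.partition("\n")
    if not first.startswith("From "):
        raise ValueError("not an mbox entry")
    envelope_sender = first.split()[1]   # recorded by the mbox writer, not a header
    return envelope_sender, message_from_string(rest)

def cook(raw, placeholder="[address removed]"):
    """Return (envelope_sender, cooked_text); only the display copy is scrubbed."""
    envelope_sender, msg = split_envelope(raw)
    name, _addr = parseaddr(msg["From"])
    sender = name or placeholder          # keep the display name, drop the address
    body = ADDR.sub(placeholder, msg.get_payload())
    cooked = f"From: {sender}\nSubject: {msg['Subject']}\n\n{body}"
    return envelope_sender, cooked

if __name__ == "__main__":
    env, cooked = cook(RAW_MBOX)
    print("envelope sender (mbox separator only):", env)
    print(cooked)
```

The raw mbox text is left untouched by this, so it still contains every address and needs its own access control, as the message notes.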