[Mailman-Users] Autoresponder and privacy

Mark Sapiro mark at msapiro.net
Tue Apr 5 23:27:40 CEST 2011

Clare Redstone wrote:

>I've just moved a discussion group from majordomo to Mailman and posted the
>first message to the group. So far, I've had one autoresponder message sent
>back. Thankfully, from what I can see, it only came to me and not to the
>list address, so hasn't started to loop.

Any autoresponder that responds to a list post is by definition broken.
List posts are sent with "Precedence: list" and autoresponders aren't
supposed to respond to such messages. Also, autoresponders shouldn't
respond to the same address more than once within some period like a
day or a week. Finally, an autoresponder should reply to the From: or
Reply-To: address (although some badly broken autoresponders may
respond to the Sender: or the envelope sender). Thus, if your list
doesn't mung Reply-To:, no autoresponder should ever respond to the
list posting address.

Note that parts of the above apply only to individual posts. For
digests, the From: is the LIST-request address, so if a broken
autoresponder responds to a digest, the response will probably go to
the -request address, possibly generating a "results of your email
commands" message from Mailman, but not if the autoresponse is
Precedence: bulk, junk or list as it should be. In those cases, it
will be discarded.

>But I've a problem over preserving members' privacy. The list of subscribers
>isn't available to other list members. So unless someone posts a message in
>the discussion, when their email address will show up in headers, I'm the
>only person who knows who's registered. And some people will be concerned
>that stays the case.


>But the autoresponder message came from someone using their work email so it
>includes their name, job and contact details. It doesn't matter this time,
>as it came to me. But as soon as someone else posts to the group, I assume
>they'll get the same out of office message.

That's probably true, but if list lurkers choose to use broken
autoresponders that may reveal their address to a list poster and are
upset about that, that's really their problem. What do they do about
all the spam they autorespond to? Do they care about that?

>I can warn everyone about this and suggest that, if they don't want their
>details revealed, they only use an address that they won't set out of
>office. But is there anything else I can do? Privacy is important in our
>group so I would like to do what I can, rather than leaving people who
>didn't realise about this vulnerable. Meantime, I may unsubscribe this
>person so no-one else gets her out of office message.

I appreciate your desire to protect your users' privacy, but I think
there's little beyond a warning that you can do. Rather than
unsubscribing the user, you could just set him/her to no mail. You
could also suggest to people that are concerned that they could set
themselves to no mail.

>Not a problem with a loop, thankfully. (Yet? Maybe I'd better put some
>filters in pronto!)

As I indicate above, a mail loop is very unlikely if you don't mung
Reply-To:. Yes, there could be some brain dead autoresponders out
there that respond to Precedence: list messages, send the autoresponse
to the To: address (or Reply-To: if you mung it), and send multiple
responses to the same address, but I think this is rare.

That's not to say that you shouldn't try to filter, but it's not easy.

You could set all members moderated and new members moderated by
default and then clear each poster's moderate bit as they post.
Clearing the moderate bit is just a checkbox in the admindb interface
when approving the post. That way, a lurker's autoresponse could never
make it to the full list.

Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
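
Added example, not part of the original message and not Mailman code: a minimal sketch of the decision a well-behaved autoresponder makes, following the three rules described in the reply above (skip Precedence: list/bulk/junk, answer each address at most once per period, reply only to Reply-To: or From:). The function names, the one-day interval and the sample messages are assumptions constructed for illustration.

```python
import email
from datetime import datetime, timedelta
from email.utils import getaddresses

SUPPRESS_PRECEDENCE = {"list", "bulk", "junk"}
MIN_INTERVAL = timedelta(days=1)  # assumed value for "some period like a day or a week"

# Constructed sample messages (not real traffic).
LIST_POST = ("From: poster@example.org\n"
             "Sender: discuss-bounces@lists.example.org\n"
             "To: discuss@lists.example.org\n"
             "Precedence: list\n"
             "Subject: first post\n\nhello\n")
DIRECT = ("From: Colleague <colleague@example.org>\n"
          "Sender: assistant@example.org\n"
          "To: member@example.com\n"
          "Subject: question\n\nhi\n")

def reply_target(msg):
    """Reply-To: if present, else From:. Sender: and the envelope sender are never used."""
    for header in ("Reply-To", "From"):
        addrs = [a for _, a in getaddresses(msg.get_all(header, [])) if a]
        if addrs:
            return addrs[0].lower()
    return None

def decide(raw, last_sent, now):
    """Return (target, reason). target is None when no autoresponse may be sent.

    last_sent maps address -> time of the last autoresponse; it is updated on send.
    """
    msg = email.message_from_string(raw)
    precedence = (msg.get("Precedence") or "").strip().lower()
    if precedence in SUPPRESS_PRECEDENCE:
        return None, "precedence " + precedence
    target = reply_target(msg)
    if target is None:
        return None, "no From: or Reply-To:"
    previous = last_sent.get(target)
    if previous is not None and now - previous < MIN_INTERVAL:
        return None, "already answered recently"
    last_sent[target] = now
    return target, "send"

if __name__ == "__main__":
    state, t0 = {}, datetime(2011, 4, 5, 12, 0)
    print(decide(LIST_POST, state, t0))  # list post: suppressed
    print(decide(DIRECT, state, t0))     # direct mail: answered once
    print(decide(DIRECT, state, t0 + timedelta(hours=1)))  # repeat: suppressed
```

The autoresponse that gets sent should itself carry Precedence: bulk (or junk), so that Mailman discards it if it reaches a -request address.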
