[Mailman-Users] AOL redacts user addresses even with VERP and full personalization enabled

Stephen J. Turnbull stephen at xemacs.org
Mon Jun 18 10:03:02 CEST 2012

Lindsay Haisley writes:

 > So what would be the implications of hacking an extra header into
 > outgoing posts on lists for which personalization is enabled, say
 > "X-Subdata", with said header containing a hash of the subscriber
 > address to which the post is directed?

I would use Resent-Message-ID, unless the content of posts is such
that you can get away with munging Message-ID itself.  That is a
standardized header that Mailman uses anyway.  I would also use a
reversible encryption rather than a hash.  (Not so much because it's
reversible, but rather because it's undetectable except insofar as
it's different from standard Mailman.)

 > This would, in theory, mostly satisfy AOL's privacy concern

I really don't think so.  It might satisfy *your* privacy concerns,
but their "privacy" concern is absolute.  (I doubt that their basic
motive is to protect their customers' privacy, especially given Brad's
statements, but I see no reason not to take them at their word that
*any* attempt to identify customers is a violation of their feedback
loop user agreement.)

That's not to say you shouldn't do it, but if they catch on, they'll
start redacting those headers, too, and quite possibly boot you from
their feedback loop.

As Brad points out, they simply don't care if their members get the
mail that they want.  Or at least, they don't care about that anywhere
near as much as they care that their members don't get mail that they
don't want!

 > Hacking the message ID out of mail logs to identify the subscriber seems
 > somewhat chancier and more difficult, since mail logs roll over and
 > eventually disappear from the system.

If you say so, but *that is under your control*.  I'd much rather make
the effort to make my logs dependable, than depend on any cooperation
from AOL.

More information about the Mailman-Users mailing list