[meta-sig] Re: [meta-sig] RE: [meta-sig] [Fwd: Re: [META-SIG] Switchover to mailman]

Ken Manheimer klm@python.org
Thu, 26 Feb 1998 13:44:32 -0500 (EST)

On Thu, 26 Feb 1998, Guido van Rossum wrote:

> > I think subscribership info should be publicly viewable by default.
> > If specific individuals wish to hide their address from visibility, I
> > would not deny them that privilege.  Kind of like phone #'s in the
> > phone book.
> [...]
> Findmail has an elegant solution (maybe Deja News too): they publish
> the person's name, with a link to a page that contains the email
> address.  This makes it sufficiently expensive for spammers to gather
> emails (since they would have to download a page for each address) to
> discourage them; if necessary, the server can impose a limit on the
> number of times such pages can be downloaded from a given address.

I do like this solution, but it doesn't exactly fit the situation with
mailman, where every user does have an email address - that's really
their account id - but does not necessarily have a real name.  Hmm, i
guess we could us just the account-name part of the email address if
we're displaying members in this restricted mode, and the member hasn't
set their real name.  In fact, when i get a moment i'll implement the
restricted mode, even before implementing user names, and set the lists
to use it.  

That said, i wonder if there's reason to worry about this in the first
place.  It seems to me that these pages don't present the same kind of
trolling-spammers opportunity, since they're cgi-bin products, not
something that can be found automatically by iterating the pages on the
site.  Wouldn't that already make finding the pages sufficiently
expensive to prevent the problems people are concerned about, at least
in the current state of affairs??