On Mon, 2014-08-18 at 18:22 +0000, John Levine wrote: > >I think munging the headers is a sensible practice, as it makes it > >a little harder to listwash; the main idea of the FBL as I understand it > >is to give you an idea when there's some kind of gross abuse, not that > >you are required to unsubscribe anyone who complains about your mail. > > Munging FBLs is actually fairly stupid, since everyone knows that any > sender can hide coded versions of the recipient address somewhere in > the message, and most ESPs do. > > The ISPs I've talked to have told me that their lawyers say they have > to do it because the party getting the FBL might not be the same as > the sender, or something.
I have an automated system I built as a hack on MM to intercept FBL messages, identify the list, the subscriber, unsubscribe the subscriber from the list and send a notice to the list owner (thank you, withlist! ). I brought the subject up on the MM developers' list last year some time ago, and someone mentioned that they'd talked to AOL people who weren't particular about this, and weren't interested in removing all traces of the complaining subscriber address, just the obvious ones, and they had no problem if people wanted to include the information in an encrypted format. So I guess it's the same with them and the redaction is done to make the legal dept. happy. AFAIAC, any subscriber to any list that I host for anyone who's too clueless or lazy to use the prescribed methods for unsubscribing from a MM list, and just hits the "Report Spam" button, can't be dropped from the list fast enough! My hack puts an AES encrypted concatenation of the subscriber address and the list name in the (RFC spec'd but seldom used) Resent-Message-ID header. The AES secret key is stored in mm_cfg.py. -- Lindsay Haisley | "Everything works if you let it" FMP Computer Services | 512-259-1190 | --- The Roadie http://www.fmp.com | ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org