Thank you Rich, I do not subscribe anyone without making them first go through the subscribe process. The problem we're having lately is the ISP's are not passing on the confirmation email, so in a couple cases lately, after confirming the user tried the process (by their word is all I got) I do subscribe them.
Unfortunately I don't have access to the logs nor VERP settings. thx, Jim On Fri, Jun 17, 2016 at 9:02 AM, Rich Kulawiec <r...@gsp.org> wrote: > > I'll second the suggestion that you split the list. I'll also suggest > that you do *not* subscribe anyone to the split-off instance: you should > make them go through a COI (confirmed opt-in) process AND you should > make certain that you retain all records of that as long as the list > exists. ("records" being the Mailman logs and copies of any > correspondence.) > > > But let me make a general comment about this problem -- which stems > from companies like AOL and Yahoo delegating control of part of the > anti-spam process to their users. > > That's incredibly stupid. It's off-the-scale idiotic. It flies in > the face of everything we've learned about spam in the past several > decades. > > Consider: if users, en masse, could reliably distinguish spam from > non-spam, would the spam problem be as bad as it is? > > No. It would not. It would only be a tiny fraction of its current scale. > > But users have spent the past several decade proving, beyond any > possible argument, that they are absolutely horrible at this task. > So delegating it to them is not only lazy, it's insane. > > To be clear: yes, users should be able to *report* suspected spam. > That's why everyone should have an abuse@ address per RFC 2142 > and decades of best practices. A user who's capable of remembering > that, and who's capable of forwarding spam to it with full headers, > is a user at least worth paying attention to. (And of course the > local admin/postmaster/abuse/whatever team should read and analyze > every such message: that's mail system admin 101.) But a user who > blindly hits the spam button for any message they don't like or > don't find useful or don't agree with or anything else is worse > than useless: they're actively degrading the process. > > Dave Crocker put it quite well when he said: > > The best model to invoke, with respect to the idea of recruiting > end users to be active participants in abuse detection or > prevention is mostly: > > Don't. > > Unfortunately, the AOLs and Yahoos of the world are deaf to this. > > And as a result of that, I have no doubt whatsoever that many of your > non-spam messages are being flagged as spam by users at those operations > (and elsewhere) despite the fact that they're on-topic for a mailing list > that they signed up for. > > I've found it necessary to use VERP and similar techniques to identify > the specific individuals responsible for this abuse and to either > (a) unsubscribe them and/or (b) ban them. This isn't a panacea, but > it does help cut down on the complaint rate and thus the spurious > blacklisting. > > ---rsk > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users@python.org > https://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 > Security Policy: http://wiki.list.org/x/QIA9 > Searchable Archives: > http://www.mail-archive.com/mailman-users%40python.org/ > Unsubscribe: > https://mail.python.org/mailman/options/mailman-users/james%40dorydesign.com > ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org