On 14 Oct 2003, "J. Frisbie" <[EMAIL PROTECTED]> wrote: > > What would you like us to do differently?
I see your original message was a bit misleading: you said that you "singed up for the samba", but in fact you also posted to the list, thus disclosing your address. First of all: we don't disclose the subscriber addresses to anyone. The roster of list members is not available from the web page. If you subscribe and do not post, nobody will know your address. Just to be absolutely clear: - We don't disclose the subscriber addresses. - We are not sending you viruses or spam. - Sometimes spam does get onto the lists. We filter out the vast majority of it. There is no perfect filtering solution. - This is a public list. Anything you send to it can be read, used or archived by anyone in the world. We explain this reasonably clearly. - We have no control over people who might be sending you viruses. You need to complain to their network admin or your network admin or your government. ** If you want something to remain secret, do not post it. ** I personally don't think keeping your address secret is a good solution to spam, but you can try it if you want. I think we are being responsible. The problems are not of our making, and we do our best to reduce them. If you have any concrete constructive suggestions we'll consider them. I see you are posting from Outlook, which is the overwhelmingly most common virus vector. Calling us irresponsible is pretty cheeky. If Outlook went away, the email virus problem would nearly disappear overnight. > [your suggestions:] > You have some unscrupulous list subscriber who bombards addresses > that appear on the list with viruses. If you tell me who they are, we will remove them from the list. > Do not send messages to the list with machine parseable return > addresess. We pass through messages with whatever address the sender uses. Some people choose to post from addresses other than their real one, and that is allowed. Of course they take the risk of not seeing direct replies. Addresses in the list archives are not easily machine parseable: http://lists.samba.org/archive/samba/msg72578.html Other people can archive it however they want. > Make the reply to address the mailing list, not the person who sent the > message. I don't understand how you think this would help the spam or viruses problem. If anything, it will cause more misconfigured antivirus software to send messages to the list, thus annoying everyone and just the poster. > Vet your subscriber list. Since people other than subscribers can read the list archives, this too would not prevent people sending viruses to you. But leaving that aside, how do you suggest we vet it? I can't think of any test we could easily do over email that would reliably distinguish good people from evil. Are we supposed to guess that "frisbie doesn't look like a real name, so we won't allow it?" We could disallow people who're using insecure clients like Outlook, but unfortunately there's a large overlap with Samba's userbase. > Allow only subscribers to post to the list. That has nothing to do with people sending viruses direct to you. Doing this in addition to the spam filtering we already have in place might reduce the amount of spam getting onto the list. On the other hand it would impede people who want to just ask one question, which is pretty common. We may yet do it in the future. Since many viruses forge their From address, verifying the From address may not help much anyhow. This would also block people who want to post from an obscured address. Terry suggested: > Quit forwarding the list onto Usenet, at least with email addresses > exposed (what's the real use of this, considering it's not that big of > a deal for people to subscribe?) I think it is very useful for people who want to read through the list archives without receiving every message as its sent. It supports a use mode that's more useful to some people than either email or web archives. I will consider hiding the sender addresses. > I don't have this problem with other lists (this account is subscribed > to at least 20), so there's no reason why we should have these > problems here, either. That is a bit of a non sequiter. I don't know what other lists you're on. Similarly high-profile lists at kernel.org or debian.org seem to have similar policies and our level of spam is as good or better. -- Martin -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba