Re: [Mailman-Developers] Proposed: remove address-obfuscation code from Mailman 3
I am pretty sure allowing the raw email addresses to be available is going to go over like a lead balloon here. Anything (however minor) to help protect the users/clients email addresses is helpful despite what others think. It is fine if someone considers the obfuscation that Mailman uses is trivial, however, anything I can do to make it harder or more computationally time-invested to get the email address is better than giving it away. Sure bots are out there but if what I do helps slow down someones system to make them look at it (and hopefully get rid of the bot), then great. But at least give me the choice to be able to do it. I happened to like Barry's (?) earlier comment about the "send me this message" link. Or maybe "send my message to the original poster" link where you can click on the link, compose your message, and send it through Mailman all without the original sender's address. Mailman or whatever process can figure out the original sender and pass on the your message. Yes, I know it is more work that is why we have computers :) As for using robots.txt, hmm, it is not the legitimate search engines I care about, it is the search engines/crawlers that do not respect my robots.txt file that I care about. If I had an effective way to consistently identify those non-legitimate crawlers, I would add what I needed to drop them into my firewall as I recognized them. Chris Julian Mehnle wrote: > Bob Puff wrote: > > >> That's the logical progression of that argument, and is the good reason >> why obfuscation or even removal of parts is not only a good idea, its a >> necessity. Exposing raw email addresses in their normal form is real >> low-hanging fruit. >> >> Regardless of what I think, my clients will cry bloody murder if emails >> leak out. I had one person recently google their email address, and >> found a link to an archive file that should have been private. I had >> removed all links to the archives, but somehow Google found it, indexed >> it, and the guy threatened me with bloody murder if I didn't take it >> down. Sheesh. >> > > There's robots.txt, you know? If this is just about user outcry, then > robots.txt will fix it (since all legitimate search engines honor it). > > -Julian > > > > ___ > Mailman-Developers mailing list > Mailman-Developers@python.org > http://mail.python.org/mailman/listinfo/mailman-developers > Mailman FAQ: http://wiki.list.org/x/AgA3 > Searchable Archives: > http://www.mail-archive.com/mailman-developers%40python.org/ > Unsubscribe: > http://mail.python.org/mailman/options/mailman-developers/cnulk%40scu.edu > > Security Policy: http://wiki.list.org/x/QIA9 ___ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Proposed: remove address-obfuscation code from Mailman 3
On Aug 29, 2009, at 12:21 AM, Jeff Breidenbach wrote: Yes. It is critical to keep user perception in mind. Specifically, if you don't keep email addresses off the global search engines, there will be a deluge of vocal complaints from users who neither care about nor understand the technical aspects. That can be as simple as robots.txt configuration, or as fancy as using a captcha based system to reveal addresses like the one offered by reCaptcha. But my main point is you need to cover the user perception angle almost independtly from the core technical aspects of anti-harvesting. For the record, I prefer keeping data as unadulterated as possible because it helps interoperability. But we also need to keep users happy. Trust me, I'm keenly aware of this as I probably get 3x the nasty hate mail that most of you get. I try to be nice and patient and that usually calms people down. :) Mailman will always still collect the raw data for messages sent to the list. There are legitimate uses for allowing outsiders access to that data (say, the list is moving and you want to migrate the archives), so I think we always want to support this. The question is how much if any of the raw data does the general public get access to? -Barry PGP.sig Description: This is a digitally signed message part ___ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Proposed: remove address-obfuscation code from Mailman 3
On Aug 29, 2009, at 1:10 AM, Bernd Siggy Brentrup wrote: On Fri, Aug 28, 2009 at 18:03 -0400, Barry Warsaw wrote: What I'm thinking is that there should be a "send me this message" link in the archive, which gets you a copy as it was originally sent to the list. That let's you jump into a conversation as if you'd been there originally. Another use case comes up when coming back from temporarily disabled delivery where you want to participate in an ongoing discussion. I've always dreamed of a ml-requ...@listdomain function that retransmits any messages in References to me. It's clear that MM has to delegate this to the archiver. I dream of a 'vacation' setting where you could tell Mailman the start and end dates of your "delivery stop" and then those messages would just be forwarded to you (perhaps as a digest) upon your return. Almost exactly like what the US Post Office does IRL. Something like this would be cool for another reason. Assuming you could trust the long term storage at the archive site (enough) it would eliminate the last reason why I locally archive any public mailing list messages. ... indicating your internet connection is by orders of magnitude better than mine :) And yet, it's never enough! :) To get on topic again: regarding address obfuscation in the archives, I noted: - obfuscate by default, - the archive admin may choose not to obfuscate but this fact will be stated clearly on every archive page à la: Email addresses are visible per choice of mailto:archiv-owner. Yep, something like that. -Barry PGP.sig Description: This is a digitally signed message part ___ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Proposed: remove address-obfuscation code from Mailman 3
On Aug 29, 2009, at 3:01 AM, Stephen J. Turnbull wrote: Barry Warsaw writes: What I'm thinking is that there should be a "send me this message" link in the archive, which gets you a copy as it was originally sent to the list. That let's you jump into a conversation as if you'd been there originally. I don't understand. Do you mean the raw message received by the list, or the processed message as distributed by the list? The former means you don't have RFC 2369 headers, etc. I'm not sure I understand what the efficacy of the latter is; does address-munging happen only in the archives? I find it hard to believe that could be at all effective, except for what I would think is an unusual case (a closed- subscription list with public archives). Yes, address munging only happens in the HTML archives and in the outgoing queue processor. Mailman keeps a copy of the raw received message which for MM2 is only in the mbox file, but for MM3 will be in a "message store". Let's say I just joined the XEmacs development mailing list after a long absence. I find a message in the archive from two years ago that is relevant to an issue I'm having. I'd like to follow up to that message using my normal mail toolchain, but I found the archive page through Google. I should be able to click on a link on that page, enter my email address (perhaps through some validation dance, or subject to a request governor) and then the message -- as it was originally copied to the list membership -- would show up in my inbox, exactly as if I were a list member at the time. Now I can hit 'reply' and inject myself seamlessly into that 2 year old thread. -Barry PGP.sig Description: This is a digitally signed message part ___ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Proposed: remove address-obfuscation code from Mailman 3
On Aug 31, 2009, at 1:15 PM, C Nulk wrote: I am pretty sure allowing the raw email addresses to be available is going to go over like a lead balloon here. Anything (however minor) to help protect the users/clients email addresses is helpful despite what others think. It is fine if someone considers the obfuscation that Mailman uses is trivial, however, anything I can do to make it harder or more computationally time-invested to get the email address is better than giving it away. Sure bots are out there but if what I do helps slow down someones system to make them look at it (and hopefully get rid of the bot), then great. But at least give me the choice to be able to do it. Agreed. I happened to like Barry's (?) earlier comment about the "send me this message" link. Or maybe "send my message to the original poster" link where you can click on the link, compose your message, and send it through Mailman all without the original sender's address. Mailman or whatever process can figure out the original sender and pass on the your message. Yes, I know it is more work that is why we have computers :) The difficult part about the latter is that I hate web interfaces for reading/composing email (Gmail included). I want to use my mail reader for that! As for using robots.txt, hmm, it is not the legitimate search engines I care about, it is the search engines/crawlers that do not respect my robots.txt file that I care about. If I had an effective way to consistently identify those non-legitimate crawlers, I would add what I needed to drop them into my firewall as I recognized them. Agreed. -Barry PGP.sig Description: This is a digitally signed message part ___ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Proposed: remove address-obfuscation codefrom Mailman 3
Barry Warsaw wrote: > >On Aug 31, 2009, at 1:15 PM, C Nulk wrote: > >> As for using robots.txt, hmm, it is not the legitimate search >> engines I >> care about, it is the search engines/crawlers that do not respect my >> robots.txt file that I care about. If I had an effective way to >> consistently identify those non-legitimate crawlers, I would add >> what I >> needed to drop them into my firewall as I recognized them. > >Agreed. The point in the original post about robots.txt was that if you think obfuscation is undesirable and don't do it, but you get complaints from people who find their unobfuscated addresses on your pages via legitimate search engines, you can use robots.txt to keep the search engines out. However, robots.txt is not completely effective in this. You can use it to prevent Google from crawling your site or portions thereof, but it won't prevent Google from indexing your pages that it finds via external links. To prevent this, you need a tag on the pages themselves. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, Californiabetter use your sense - B. Dylan ___ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Proposed: remove address-obfuscation code from Mailman 3
Barry Warsaw wrote: Let's say I just joined the XEmacs development mailing list after a long absence. I find a message in the archive from two years ago that is relevant to an issue I'm having. I'd like to follow up to that message using my normal mail toolchain, but I found the archive page through Google. I should be able to click on a link on that page, enter my email address (perhaps through some validation dance, or subject to a request governor) and then the message -- as it was originally copied to the list membership -- would show up in my inbox, exactly as if I were a list member at the time. Now I can hit 'reply' and inject myself seamlessly into that 2 year old thread. As long as the mailing list name/address hasn't migrated/changed in the interim... ...perhaps the original message munged to ensure current accuracy of the to/cc/reply-to fields? -Dale ___ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Proposed: remove address-obfuscation code from Mailman 3
On Aug 31, 2009, at 3:00 PM, Dale Newfield wrote: Barry Warsaw wrote: Let's say I just joined the XEmacs development mailing list after a long absence. I find a message in the archive from two years ago that is relevant to an issue I'm having. I'd like to follow up to that message using my normal mail toolchain, but I found the archive page through Google. I should be able to click on a link on that page, enter my email address (perhaps through some validation dance, or subject to a request governor) and then the message -- as it was originally copied to the list membership -- would show up in my inbox, exactly as if I were a list member at the time. Now I can hit 'reply' and inject myself seamlessly into that 2 year old thread. As long as the mailing list name/address hasn't migrated/changed in the interim... Good point. ...perhaps the original message munged to ensure current accuracy of the to/cc/reply-to fields? Not sure I understand; can you elaborate? -Barry PGP.sig Description: This is a digitally signed message part ___ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Proposed: remove address-obfuscation code from Mailman 3
Barry Warsaw wrote: > On Aug 31, 2009, at 1:15 PM, C Nulk wrote: > >> I am pretty sure allowing the raw email addresses to be available is >> going to go over like a lead balloon here. Anything (however minor) to >> help protect the users/clients email addresses is helpful despite what >> others think. It is fine if someone considers the obfuscation that >> Mailman uses is trivial, however, anything I can do to make it harder or >> more computationally time-invested to get the email address is better >> than giving it away. Sure bots are out there but if what I do helps >> slow down someones system to make them look at it (and hopefully get rid >> of the bot), then great. But at least give me the choice to be able to >> do it. > > Agreed. > >> I happened to like Barry's (?) earlier comment about the "send me this >> message" link. Or maybe "send my message to the original poster" link >> where you can click on the link, compose your message, and send it >> through Mailman all without the original sender's address. Mailman or >> whatever process can figure out the original sender and pass on the your >> message. Yes, I know it is more work that is why we have computers :) > > The difficult part about the latter is that I hate web interfaces for > reading/composing email (Gmail included). I want to use my mail > reader for that! Actually, I had more of a mailto style link in mind that sends the message to the list (run by Mailman naturally) and as part of the body/subject include an encrypted form of the message id (providing it is unique). You would use your mail client to read/compose. Maybe something similar to a list's listname-bounces address but with the message id could be done. Don't know. Mailman would receive your message, decrypt the message id, look up the message, then forward your message to the original sender. I am not particularly fond of web interfaces for reading/composing email. Well, maybe when I travel overseas without a laptop, then it is minimally okay. > >> As for using robots.txt, hmm, it is not the legitimate search engines I >> care about, it is the search engines/crawlers that do not respect my >> robots.txt file that I care about. If I had an effective way to >> consistently identify those non-legitimate crawlers, I would add what I >> needed to drop them into my firewall as I recognized them. > > Agreed. > -Barry > Now, totally off-topic, anyone have a recommendation for a book on learning Python so I am no longer truly dangerous, just slightly. Thanks, Chris ___ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Proposed: remove address-obfuscation code from Mailman 3
Barry Warsaw wrote: Now I can hit 'reply' and inject myself seamlessly into that 2 year old thread. As long as the mailing list name/address hasn't migrated/changed in the interim... Good point. ...perhaps the original message munged to ensure current accuracy of the to/cc/reply-to fields? Not sure I understand; can you elaborate? We can tell from a mailing list's configuration what the distribution address should be, but I guess we don't know what previous addresses it had, so it's not as simple as I was thinking to do this munging (I was thinking just a search/replace). Maybe the appropriate modifications from the original message would be to add as a "To" address the current list address iff it does not appear in the To or CC addresses in the archived message (and to re-set ReplyTo, if reply-to-munging is set). -Dale ___ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Proposed: remove address-obfuscation code from Mailman 3
On Aug 31, 2009, at 4:39 PM, C Nulk wrote: Now, totally off-topic, anyone have a recommendation for a book on learning Python so I am no longer truly dangerous, just slightly. There are zillions of books available now for learning Python (I think there was only 1 when I first learned it 15 years ago :). http://wiki.python.org/moin/PythonBooks For various reasons, it's difficult for me to recommend one over the other. -Barry PGP.sig Description: This is a digitally signed message part ___ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Proposed: remove address-obfuscation code from Mailman 3
On Aug 31, 2009, at 4:41 PM, Dale Newfield wrote: Maybe the appropriate modifications from the original message would be to add as a "To" address the current list address iff it does not appear in the To or CC addresses in the archived message (and to re- set ReplyTo, if reply-to-munging is set). That seems reasonable. -Barry PGP.sig Description: This is a digitally signed message part ___ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Proposed: remove address-obfuscation codefrom Mailman 3
Mark Sapiro wrote: > Barry Warsaw wrote: > >> On Aug 31, 2009, at 1:15 PM, C Nulk wrote: >> >> >>> As for using robots.txt, hmm, it is not the legitimate search >>> engines I >>> care about, it is the search engines/crawlers that do not respect my >>> robots.txt file that I care about. If I had an effective way to >>> consistently identify those non-legitimate crawlers, I would add >>> what I >>> needed to drop them into my firewall as I recognized them. >>> >> Agreed. >> > > > The point in the original post about robots.txt was that if you think > obfuscation is undesirable and don't do it, but you get complaints > from people who find their unobfuscated addresses on your pages via > legitimate search engines, you can use robots.txt to keep the search > engines out. > I understood the original post and I agree. > However, robots.txt is not completely effective in this. You can use it > to prevent Google from crawling your site or portions thereof, but it > won't prevent Google from indexing your pages that it finds via > external links. To prevent this, you need a content="noindex"> tag on the pages themselves. > I agree with you here. The robots.txt and the "http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Proposed: remove address-obfuscation code from Mailman 3
On Aug 31, 2009, at 4:48 PM, David Champion wrote: I'm going to embracing and extend something Barry suggested in private mail. He suggested a list setting that permits signed-in list subscribers to download raw archives if they have some 'archive-approved' status. What if that is a three-way switch: approved, unapproved, and blacklisted? New subscribers would always be unapproved. An unapproved subscriber who successfully posted to the list, clearing any approval mechanisms in place and subject to a list configuration option, would get approved for raw archive access. (Automatic posting-equals-approval would not be desirable for all lists, but it would for many.) An approved user could be blacklisted by moderator action or by an automated moderation filter. Coming off blacklist status would require manual action by the moderator. And there could be a form in the application to request approval or de-blacklisting, of course. Launchpad's mailing lists have a very similar concept, although it's not used for access to the archives. The concept there is called "standing" and currently has four levels: excellent, good, poor, and unknown. You start out with unknown standing, but after you prove yourself (in much the same way as you describe above), you get to be in good standing, which gives you other benefits, such as being able to email a list you're not on without moderation. You can't get to excellent standing on your own and there are currently no benefits of excellent over good standing. Poor standing is much like your blacklist idea. The way I look at it is that Launchpad prototyped this concept and I do think it could be useful in Mailman itself. -Barry PGP.sig Description: This is a digitally signed message part ___ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Proposed: remove address-obfuscation code from Mailman 3
* On 31 Aug 2009, Barry Warsaw wrote: > > Mailman will always still collect the raw data for messages sent to > the list. There are legitimate uses for allowing outsiders access > to that data (say, the list is moving and you want to migrate the > archives), so I think we always want to support this. The question > is how much if any of the raw data does the general public get > access to? It seems clear that there are legitimate use cases for raw archives, so I'll skip the justifications and just address how we can balance between transparency and security. I'm going to embracing and extend something Barry suggested in private mail. He suggested a list setting that permits signed-in list subscribers to download raw archives if they have some 'archive-approved' status. What if that is a three-way switch: approved, unapproved, and blacklisted? New subscribers would always be unapproved. An unapproved subscriber who successfully posted to the list, clearing any approval mechanisms in place and subject to a list configuration option, would get approved for raw archive access. (Automatic posting-equals-approval would not be desirable for all lists, but it would for many.) An approved user could be blacklisted by moderator action or by an automated moderation filter. Coming off blacklist status would require manual action by the moderator. And there could be a form in the application to request approval or de-blacklisting, of course. -- -D.d...@uchicago.eduNSITUniversity of Chicago ___ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
Re: [Mailman-Developers] Proposed: remove address-obfuscation code from Mailman 3
Barry Warsaw writes: > Let's say I just joined the XEmacs development mailing list after a > long absence. Hey, welcome back! Do you plan to return to Supercite maintenance? > I find a message in the archive from two years ago that is relevant > to an issue I'm having. I'd like to follow up to that message > using my normal mail toolchain, but I found the archive page > through Google. Sure, that's a valid use case. I'm not sure that it couldn't be handled by an appropriate mailto URL, though. And I suspect it's less common than the case of private messages (no evidence, just introspection). ___ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
