subject:"\[Mailman\-Users\] appended email addresses on probe\?"

Re: [Mailman-Users] appended email addresses on probe?

2005-04-25 Thread Stephen J. Turnbull

> "Chuq" == Chuq Von Rospach <[EMAIL PROTECTED]> writes:

Chuq> turn on personalization, and this problem goes away.

No contest; that's the best way to handle this.

Personalization did occur to me (vaguely), but I just assumed he wants
to stick with his current configuration.  But on reflection, I can
think of only a few good reasons why he would not want to turn on
personalization, and there's a good chance none applies to him.

In fact, maybe by now we can get away with just making minimal
personalization (eg, limited to personal options URL in footer) the
default (at least for new installations), and ask people to turn it
off only after they've thought about the implications?

-- 
School of Systems and Information Engineering http://turnbull.sk.tsukuba.ac.jp
University of TsukubaTennodai 1-1-1 Tsukuba 305-8573 JAPAN
   Ask not how you can "do" free software business;
  ask what your business can "do for" free software.
--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

Re: [Mailman-Users] appended email addresses on probe?

2005-04-25 Thread Chuq Von Rospach

turn on personalization, and this problem goes away.
I frankly wouldn't run mailing lists without at least some  
personalization -- because as it shows, the old style "Bcc: the  
users" style of bulk mailing (a) looks spammy and gets treated as  
such, and (b) users no longer are terribly tolerant of lists that  
hide their subscription details from them, which makes them a lot   
more likely to treat them as spam and report them as spam.

so the real fix is to set up the lists to not look so spammy, which  
means some personalization aspects.

On Apr 25, 2005, at 9:09 PM, Stephen J. Turnbull wrote:
Yup.  So what's the right thing to do?  I see four possibilities:
--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

Re: [Mailman-Users] appended email addresses on probe?

2005-04-25 Thread Stephen J. Turnbull

> "Thomas" == Thomas Hochstein <[EMAIL PROTECTED]> writes:

Thomas> Brad Knowles wrote:

>> No, bounces for a mailing list should not contain more than one
>> failed address, especially if it's a probe message -- those are
>> always sent out to just one specific user.

Thomas> As far as I see, Mailman was sending out non-VERPed
Thomas> messages to that list's users. When those messages are
Thomas> non-deliverable, the MTA will send a bounce back to the
Thomas> listname-bounces address, and that bounce will contain
Thomas> many or all non-deliverable addresses, as it's only one
Thomas> outgoing message delivered to many recipients. That's just
Thomas> how it works.

I think this analysis is correct.  But notice what that means---the
bounces are happening with many addresses at the level of Michael's
hort or ISP: either Michael's list of addresses is badly broken
(unlikely since many of the bounces were "AOL is unroutable" rather
than "no such user"), or his host/ISP is broken (or fingered as a spam
source), or his list has been fingered as a spam source or something
like that.

Since it looks like Michael is running a fairly small, opt-in list,
with that number of bounces I think Michael's list has big problems
beyond a few addresses leaking to other list members.

To catch these other problems, I wonder if it would be reasonable for
mailman to check for "large" numbers of bounces on a single post, and
send mail to the list admin in that case?

Thomas> This bounce does not only contain the one failed address
Thomas> the probe is send to, but also other failed addresses.

Yup.  So what's the right thing to do?  I see four possibilities:

1.  (safest) don't attach the bounce message, but save it off
somewhere so that a human can vette it before sending it to a user
on specific request

2.  attach only the headers of the bounce message, and save off the
message as in 1.

3.  attach the text, but sanitize everything that looks like an email
address or domain name

4.  attach the text, but sanitize all email addresses and domain names
except relevant one.

-- 
School of Systems and Information Engineering http://turnbull.sk.tsukuba.ac.jp
University of TsukubaTennodai 1-1-1 Tsukuba 305-8573 JAPAN
   Ask not how you can "do" free software business;
  ask what your business can "do for" free software.
--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

Re: [Mailman-Users] appended email addresses on probe?

2005-04-25 Thread Thomas Hochstein

Brad Knowles wrote:

>>  Obviously Mailman is forwarding a sample bounce in the probe message.
>
>   No, Mailman didn't.  Some user did.

And that user is faking a Mailman probe message?

>>  Bounces can (and, regarding a mailing list, most probably will)
>>  countain more than one failed address.
>
>   No, bounces for a mailing list should not contain more than one 
> failed address, especially if it's a probe message -- those are 
> always sent out to just one specific user.

As far as I see, Mailman was sending out non-VERPed messages to that
list's users. When those messages are non-deliverable, the MTA will
send a bounce back to the listname-bounces address, and that bounce
will contain many or all non-deliverable addresses, as it's only one
outgoing message delivered to many recipients. That's just how it
works.

Then Mailman will send out a (VERPed) probe message, and - as far as I
can tell from the message quoted by Michael - attach a sample bounce.
This bounce does not only contain the one failed address the probe is
send to, but also other failed addresses. (Sure, Michael or someone
else could have faked that probe message with an attached bounce, but
why should he?)

>>  "A bounce sample is attached below."
>
>   All of which is totally bogus.  See above.

I don't think so.

-thh
--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

Re: [Mailman-Users] appended email addresses on probe?

2005-04-24 Thread Tokio Kikuchi

Hi,
At 12:54 PM +0200 2005-04-24, Thomas Hochstein wrote:
 I'm not sure where you're getting this so-called example from,
 but the message body doesn't look like anything that Mailman would be
 generating.

 Obviously Mailman is forwarding a sample bounce in the probe message.
Yes.  This is the last bounce notice which mailman (-bounces 
address) received.  In general, it contains only the bounced addresses 
and is no use for spammers (or useful to exclude them from their spam 
list if they are clever enough).

You have to hack mailman code in order not to attach the bounce notice. 
 Here is the hack:

--- Deliverer.pyTue Jan 18 08:57:07 2005
+++ Deliverer.py.x  Mon Apr 25 08:46:49 2005
@@ -224,7 +224,6 @@
 outer.set_type('multipart/mixed')
 text = MIMEText(text, _charset=Utils.GetCharSet(ulang))
 outer.attach(text)
-outer.attach(MIMEMessage(msg))
 # Turn off further VERP'ing in the final delivery step.  We set
 # probe_token for the OutgoingRunner to more easily handling local
 # rejects of probe messages.
You may also want to customize your probe.txt in the template directory.
--
Tokio Kikuchi, tkikuchi@ is.kochi-u.ac.jp
http://weather.is.kochi-u.ac.jp/
--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

Re: [Mailman-Users] appended email addresses on probe?

2005-04-24 Thread Brad Knowles

At 12:54 PM +0200 2005-04-24, Thomas Hochstein wrote:
I'm not sure where you're getting this so-called example from,
 but the message body doesn't look like anything that Mailman would be
 generating.
 Obviously Mailman is forwarding a sample bounce in the probe message.
No, Mailman didn't.  Some user did.
 Bounces can (and, regarding a mailing list, most probably will)
 countain more than one failed address.
	No, bounces for a mailing list should not contain more than one 
failed address, especially if it's a probe message -- those are 
always sent out to just one specific user.

 "A bounce sample is attached below."
All of which is totally bogus.  See above.
--
Brad Knowles, <[EMAIL PROTECTED]>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
  SAGE member since 1995.  See  for more info.
--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

Re: [Mailman-Users] appended email addresses on probe?

2005-04-24 Thread Thomas Hochstein

Brad Knowles schrieb:

>   I'm not sure where you're getting this so-called example from, 
> but the message body doesn't look like anything that Mailman would be 
> generating.

Obviously Mailman is forwarding a sample bounce in the probe message.
Bounces can (and, regarding a mailing list, most probably will)
countain more than one failed address.

>   Yes, Mailman will generate probe messages for users whose mail 
> has been bouncing, and may VERP those probe messages to try to make 
> sure that it is likely to detect all the various different types of 
> failure modes that may otherwise mask who the original recipient may 
> have been.  But I don't see any way that it could possibly be 
> generating messages of the sort you're complaining about.

"A bounce sample is attached below."

-thh
--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

Re: [Mailman-Users] appended email addresses on probe?

2005-04-24 Thread Brad Knowles

At 10:03 AM -0400 2005-04-23, Michael J. Ludgate wrote:
 My customers are upset about privacy issues .. re: appended email
 addresses on the new bounce probe. I maintain 3 lists tat are all set
 up as announce only and my subcribers are kind of paranoid about
 emmail privacy ...
	That's very strange, considering you apparently just exposed all 
their e-mail addresses on a public mailing list which has publicly 
accessible web archives.  Somehow, I suspect you probably won't have 
any subscribers left in the near future.

so please consider removing the appended email
 eddresses on a "bounce probe" not sure of the terminology, but I will
 attach an example below ...
	I'm not sure where you're getting this so-called example from, 
but the message body doesn't look like anything that Mailman would be 
generating.

	Yes, Mailman will generate probe messages for users whose mail 
has been bouncing, and may VERP those probe messages to try to make 
sure that it is likely to detect all the various different types of 
failure modes that may otherwise mask who the original recipient may 
have been.  But I don't see any way that it could possibly be 
generating messages of the sort you're complaining about.

	I'd suggest you talk to your hosting provider, and if you have 
any subscribers left, they may be able to help you fix things so that 
this doesn't happen again.

--
Brad Knowles, <[EMAIL PROTECTED]>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
  SAGE member since 1995.  See  for more info.
--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp

[Mailman-Users] appended email addresses on probe?

2005-04-23 Thread Michael J. Ludgate

My customers are upset about privacy issues .. re: appended email 
addresses on the new bounce probe. I maintain 3 lists tat are all set up 
as announce only and my subcribers are kind of paranoid about emmail 
privacy ... so please consider removing the appended email eddresses on 
a "bounce probe" not sure of the terminology, but I will attach an 
example below ...
-Mike

--
Michael J. Ludgate - Ludgate Farms
1552 Hanshaw Rd., Ithaca, NY 14850
OPEN 9 am - 9 pm; 7 days per week
http://www.ludgatefarms.com/
Telephone 607-257-1765
Support your local independent retailers.
--
"Women and cats will do as they please, and men and dogs should just relax and get 
used to the idea." -- Robert A. Heinlein
--
Hi,
Here it is.
Shelley
--- Begin forwarded message:
From: 
[EMAIL PROTECTED]
Date: Fri, 22 Apr 2005 11:40:58 -0400
To: [EMAIL PROTECTED]
Subject: LudgateFarms mailing list probe message

This is a probe message. You can ignore this message.
The LudgateFarms mailing list has received a number of bounces from
you, indicating that there may be a problem delivering messages to
[EMAIL PROTECTED] A bounce sample is attached below. Please
examine this message to make sure there are no problems with your
email address. You may want to check with your mail administrator for
more help.
If you are reading this, you don't need to do anything to remain an
enabled member of the mailing list. If this message had bounced, you
would not be reading it, and your membership would have been disabled.
Normally when you are disabled, you receive occasional messages asking
you to re-enable your subscription.
You can also visit your membership page at
http://icycle.org/mailman/options/ludgatefarms_icycle.org/shelleygould%40netscape.com 


On your membership page, you can change various delivery options such
as your email address and whether you get digests or not. As a
reminder, your membership password is
ceonep
If you have any questions or problems, you can contact the list owner
at
[EMAIL PROTECTED]


Switch to Netscape Internet Service.
As low as $9.95 a month -- Sign up today at http://isp.netscape.com/emreg
Netscape. Just the Net You Need.

Subject:
Mail delivery failed: returning message to sender
From:
Mail Delivery System <[EMAIL PROTECTED]>
Date:
Fri, 22 Apr 2005 11:31:52 -0400
To:
[EMAIL PROTECTED]
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
 [EMAIL PROTECTED]
   SMTP error from remote mailer after RCPT TO:<[EMAIL PROTECTED]>:
   host mx06.mindspring.com [207.69.200.159]: 550 [EMAIL PROTECTED] unknown
 [EMAIL PROTECTED]
   SMTP error from remote mailer after RCPT TO:<[EMAIL PROTECTED]>:
   host lss-law.com [211.233.62.138]: 551 User unknown <[EMAIL PROTECTED]>
 [EMAIL PROTECTED]
   SMTP error from remote mailer after RCPT TO:<[EMAIL PROTECTED]>:
   host sitemail2.everyone.net [216.200.145.36]:
   554 Recipient Rejected: Not accepting mail for this account :
   Account Inactive
 [EMAIL PROTECTED]
   SMTP error from remote mailer after RCPT TO:<[EMAIL PROTECTED]>:
   host mx2.hotmail.com [65.54.190.7]: 550 Requested action not taken:
   mailbox unavailable
 [EMAIL PROTECTED]
   SMTP error from remote mailer after RCPT TO:<[EMAIL PROTECTED]>:
   host mx2.hotmail.com [65.54.190.7]: 550 Requested action not taken:
   mailbox unavailable
 [EMAIL PROTECTED]
   SMTP error from remote mailer after RCPT TO:<[EMAIL PROTECTED]>:
   host mx2.hotmail.com [65.54.190.7]: 550 Requested action not taken:
   mailbox unavailable
 [EMAIL PROTECTED]
   SMTP error from remote mailer after RCPT TO:<[EMAIL PROTECTED]>:
   host mail0.lightlink.com [205.232.89.50]: 550 <[EMAIL PROTECTED]>... User 
unknown
 [EMAIL PROTECTED]
   unrouteable mail domain "lightlink.com"
 [EMAIL PROTECTED]
   unrouteable mail domain "juno.com"
 [EMAIL PROTECTED]
   unrouteable mail domain "aol.com"
 [EMAIL PROTECTED]
   unrouteable mail domain "clarityconnect.com"
 [EMAIL PROTECTED]
   unrouteable mail domain "aol.com"
 [EMAIL PROTECTED]
   unrouteable mail domain "aol.com"
 [EMAIL PROTECTED]
   unrouteable mail domain "twcny.rr.com"
 [EMAIL PROTECTED]
   unrouteable mail domain "yahoo.com"
 [EMAIL PROTECTED]
   unrouteable mail domain "hotmail.com"
 [EMAIL PROTECTED]
   unrouteable mail domain "juno.com"
 [EMAIL PROTECTED]
   unrouteable mail domain "yahoo.com"
 [EMAIL PROTECTED]
   unrouteable mail domain "twcny.rr.com"
 [EMAIL PROTECTED]
   unrouteable mail domain "hotmail.com"
 [EMAIL PROTECTED]
   unrouteable mail domain "aol.com"
 [EMAIL PROTECTED]
   unrouteable mail domain "msn.com"
 [EMAIL PROTECTED]
   unrouteable mail domain "yahoo.com"
 [EMAIL PROTECTED]
   unrouteable mail domain "hotmail.com"
 [EMAIL PROTECTED]
   unrouteable mail domain "twcny.rr.

Re: [Mailman-Users] appended email addresses on probe?

Re: [Mailman-Users] appended email addresses on probe?

Re: [Mailman-Users] appended email addresses on probe?

Re: [Mailman-Users] appended email addresses on probe?

Re: [Mailman-Users] appended email addresses on probe?

Re: [Mailman-Users] appended email addresses on probe?

Re: [Mailman-Users] appended email addresses on probe?

Re: [Mailman-Users] appended email addresses on probe?

[Mailman-Users] appended email addresses on probe?

9 matches

Site Navigation

Mail list logo

Footer information