[Mailman-Developers] Opening up a few can o' worms here...

[Chuq Von Rospach]

On 7/16/02 3:55 PM, "Jay R. Ashworth" <jra@baylink.com> wrote:

> I'm voting in favor of the lynch mobs you mention later.

> And this is a *perfect* case that supports what has been my assertion
> all along -- you non-Libertarians out there, cover your ears and sing
> -- *it's the recipient's problem*.  This case is exactly the
> illustration I want: I couldn't have written one better from scratch.

But without rules, you can't teach the recipient what's right (with a cattle
prod, if necessary), and without rules, the lynch mob has no binding
authority.

> It's obvious that the answer is: setting up rules *would* *not* *have*
> *helped* *here*. 

Nope. But those rules are what allows you to go and make an example of the
poor schmuck, in hopes that it'll keep the next person from making the same
mistake. Wtihout the rules, there is no map you can use to teach people how
to stay out of the tiger pits.

> So what are you going to do?
> 
> Outlaw Outlook?

Don't blame outlook here. Lots of mail clients do this 'temporary caching'.

> The answer is that there is no answer.

The answer is there IS an answer. Just not a complete or fully satisfying
one.

The answer is multi-faceted:

1) rules that explicitly and unambiguously call out what is and isn't
acceptable.

2) education systems to help users understand the situation and learn how to
deal with it appropriately.

3) information that explains (and legally limits your liability for) the
limits of what you can and can't do given all this technnology, so
subscribers understand what you're doing and what you can't do anything
about but (1) and (2) above.

4) a cattle prod for when all of the above fails.

5) patience of a saint, reaction times of a ranger.

> Automatically verifying PGP sigs as a whitelisting technique is merely
> one approach that springs to mind.  There are many more.

Sorry, doesn't really solve the problem. I posted a url to a note I wrote on
this to barry a few minutes ago.

> Yeah, but the Outhouse and OE teams aren't ever going there, and
> they're your problem.

Hint: this wasn't a windows box, and it wasn't a microsoft product. IT AIN'T
MICROSOFT. Lots of clients do this now.

> At some point, if you're going to *have* a mailnbox, you *have* to take
> responsibility for it.

Yes, but if you're going to distribute email, that doesn't remove your
obligation to do what you can to protect the user from abuses in that
distribution. BOTH sites and obligations and responsibilities.

> Do you have documentary evidence, Chuq, that web harversters are the
> *only* way that *a majority* of the spam-complainers addresses could
> have gotten on those lists?  Have you created test-accounts?  Not 1 or
> 2; a couple dozen, in different places?

The person who did this has come clean to me. I know exactly what he did.
It's about the only reason I've let him live. He hasn't always been, well,
sending me christmas cards, but he's been fully cooperative.


-- 
Chuq Von Rospach, Architech
chuqui@plaidworks.com -- http://www.chuqui.com/

No! No! Dead girl, OFF the table! -- Shrek