[Mailman-Developers] from python-list@python.org ... for those of you not subscribed to there

Laura Creighton lac@strakt.com
Sun, 26 May 2002 07:43:42 +0200


(Message spamfixes:2)

Date:    Sat, 25 May 2002 22:18:12 EDT
To:      <Python@gbronline.com>
cc:      "'Sean 'Shaleh' Perry'" <shalehperry@attbi.com>,
	 "'Python Mailing List'" <python-list@python.org>
From:    Matt Curtin <cmcurtin@interhack.net>
Subject: Meta: Shibboleth (was: RE: Off Topic, But List Related)


On 25 May 2002, Peter F. Ferris presumably wrote:

Hi,

I'm the architect of Shibboleth, the privacy- and security-aware
mailing list manager Peter mentioned.  I'd like to clear up a few
things, just to make sure there are no misconceptions.

> perhaps you should read the white paper.
[...]
> The only addresses that would be gleaned would be those typed in the
> message body by the user.

Shibboleth addresses this problem by standardizing all addresses.
If we have a set of lists dedicated to discussion of python, we might
designate that list "family" as "python".  All subscribers to any of
the python lists would then have a standardized address form of 

 python+nym@example.com

Assuming that the local MTA uses + as the separator character between
account and token for delivery.  (I believe that qmail installations
will use - by default, and the character is settable in most Unix
MTAs.)

Thus, if my nym is cmcurtin and I'm a subscriber, my posts would wind
up in the archives (and posted through the lists) as
python+cmcurtin@example.com.  No one would ever know my address(es)
unless I include them in signature blocks and whatnot.  This means
that all mail in connection with a list, or even person-to-person
stuff that started on a list is run through Shibboleth.

Mailing lists follow the same form, e.g., "Python Technical
Discussion" might be python+tech@example.com, "Python Advocacy" might
be python+perlsucks@example.com, and "Python Questions" might be
python+help@example.com.

Shibboleth performs a series of tests to detect whether a message has
come from an "insider" (someone legitimately subscribed to one of the
lists).  If not, Shibboleth will return a "user unknown" bounce to the
sender, e.g., an outsider (e.g., spammer) mailing
python+cmcurtin@example.com would get a user unknown bounce, where an
insider mailing python+cmcurtin@example.com would have the message
delivered to me through the python list-supporting Shibboleth
installation.  (These tests also include provisions for handling of
PGP signatures, reusable passwords in X-Password headers, E?SMTP/MTA
path analysis for address forgery detection and some other useful
stuff for enforcing the only-insiders-can-talk-to-insiders policy
option.)

We actually built the system so that groups that wanted privacy and
security on a public network would be able to get it.  Spam became a
problem after the project was underway.  Spam, email-worms, etc., are
all handled remarkably well in practice on existing Shibboleth
installations.  That is, I know of no cases where any spam has been
posted to a Shibboleth mailing list, or where any worm has propagated
through a Shibboleth-run list or to a user whose address was published
through participation in a Shibboleth list.

(I know Peter from one such list family, and our lack of spam,
malware, and other outsider-originated annoyances is likely what
prompted his mention of Shibboleth.  But I can't speak for him
obviously. :-)

Peter refers to a white paper, which isn't quite correct.  The URI he
gave is for a formal technical paper that is part of the Proceedings
of the 9th USENIX Security Symposium.  You can pick up the paper as it
was presented at the conference from the USENIX site, of course.

Shibboleth is implemented in that other language ;-) but I would be
delighted to see its functionality become options in a more
general-purpose and widely-used mailing list manager like Mailman.
I'm presently too buried to perform the porting work myself, but if
someone would like to do some fun coding, I would be happy to advise
and to provide feedback on getting some of the more useful features of
Shibboleth incorporated into another system.

Happy hacking!

-- 
Matt Curtin  Interhack Corp  +1 614 545 HACK http://web.interhack.com/
Author,  Developing Trust: Online Privacy and Security  (Apress, 2001)
Knight, Lambda Calculus | Certum quod factum. --Giovanni Battista Vico
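
The address scheme and insider test described in the message above, as an added example (not Shibboleth's code, which the message says is written in another language). The subscriber table, real addresses and list tokens are constructed, and the sender-address lookup is an assumed stand-in for the stronger tests the message lists (PGP signatures, X-Password headers, path analysis).

```python
from email.utils import parseaddr

FAMILY = "python"        # list family named in the message
DOMAIN = "example.com"
SEP = "+"                # MTA-dependent; the message notes qmail defaults to "-"

# Constructed sample data: list tokens and nym -> real address.
LISTS = {"tech", "help"}
SUBSCRIBERS = {"cmcurtin": "matt@host.invalid", "alice": "alice@host.invalid"}
REAL_TO_NYM = {real: nym for nym, real in SUBSCRIBERS.items()}


def split_local(addr, sep=SEP):
    """Return (family, token) for family<sep>token@DOMAIN, else None."""
    local, at, domain = parseaddr(addr)[1].rpartition("@")
    if not at or domain.lower() != DOMAIN:
        return None
    family, found, token = local.partition(sep)
    if not found or not token:
        return None
    return family.lower(), token.lower()


def nym_address(nym):
    """Standardized address that is the only one shown on list or in archives."""
    return f"{FAMILY}{SEP}{nym}@{DOMAIN}"


def route(envelope_from, rcpt_to):
    """Apply the only-insiders-can-talk-to-insiders policy to one message."""
    unknown = {"action": "bounce", "reply": "user unknown"}
    parsed = split_local(rcpt_to)
    # A bare sender address is forgeable; a real deployment would back this
    # lookup with the signature, password and path checks the message lists.
    sender_nym = REAL_TO_NYM.get(parseaddr(envelope_from)[1].lower())
    if parsed is None or parsed[0] != FAMILY or sender_nym is None:
        return unknown   # outsiders get the same answer as a nonexistent user
    token = parsed[1]
    visible_from = nym_address(sender_nym)
    if token in LISTS:
        return {"action": "post", "from": visible_from, "list": token}
    if token in SUBSCRIBERS:
        return {"action": "deliver", "from": visible_from,
                "to": SUBSCRIBERS[token]}
    return unknown
```

Because an outsider and a mistyped token receive the identical bounce, the reply does not confirm which nyms exist.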
