[Mailman-Developers] Proposed: remove address-obfuscation code from Mailman 3

[David Champion]

* On 31 Aug 2009, Barry Warsaw wrote: 
> 
> Mailman will always still collect the raw data for messages sent to
> the list.  There are legitimate uses for allowing outsiders access
> to that data (say, the list is moving and you want to migrate the
> archives), so I think we always want to support this.  The question
> is how much if any of the raw data does the general public get
> access to?

It seems clear that there are legitimate use cases for raw archives, so
I'll skip the justifications and just address how we can balance between
transparency and security.

I'm going to embracing and extend something Barry suggested in
private mail.  He suggested a list setting that permits signed-in
list subscribers to download raw archives if they have some
'archive-approved' status.  What if that is a three-way switch:
approved, unapproved, and blacklisted?  New subscribers would always
be unapproved.  An unapproved subscriber who successfully posted to
the list, clearing any approval mechanisms in place and subject to a
list configuration option, would get approved for raw archive access.
(Automatic posting-equals-approval would not be desirable for all
lists, but it would for many.)  An approved user could be blacklisted
by moderator action or by an automated moderation filter.  Coming off
blacklist status would require manual action by the moderator.

And there could be a form in the application to request approval or
de-blacklisting, of course.

-- 
 -D.    dgc at uchicago.edu    NSIT    University of Chicago