[Mailman-Users] Privacy and Headers
Brad Knowles
brad at stop.mail-abuse.org
Mon Aug 15 21:37:13 CEST 2005
At 6:18 PM +0100 2005-08-15, R J Ladyman wrote:
> The headers expose the sender address and domain (the message-ID does the
> latter, of course), which makes the 'hide sender...' option a bit confusing.
> I must have misunderstood the thinking behind the "Hide the sender of a
> message...." and the related privacy settings - could you explain them?
It only modifies the headers which are directly related to the
sender's identity. I'd have to check the code, but it could be as
simple as only touching the "From:" header, or it might be a bit more
intelligent and also modify the "Sender:" header, and possibly also
the "Return-Path:", and maybe all the related "X-" and "Original-"
headers that also correspond.
However, without looking at the code, I suspect it's just the
"From:" header.
> (I was hoping that it would also mean that users wouldn't be able to reply
> privately to each other, because the messages' provenances would be totally
> hidden.)
There is nothing on Earth that you can do to keep the users from
privately replying to each other. Even if you force them all to use
your proprietary anonymizing mail system, they could still reply to
each other privately. Even if you force them to access everything
through your proprietary web interface, they could always cut-n-paste
information from the headers into a new message.
There is nothing you can do to stop a truly determined user who
wants to reply privately to another user.
> Could you give me some pointers to the relevant Mailman files I would need to
> modify for the changes you suggested? Note that I'm not worried about
> preserving threading, or more correctly, the anonymisation requirement
> outweighs that of threading.
I'm not a programmer, so I can't give you a whole lot in the way
of details. However, based solely on my knowledge of the
complexities of Internet e-mail, I can tell you that the whole issue
of anonymity in e-mail is a much, much harder nut to crack than most
anyone ever gives it credit for.
> The anonymity is neither related to authorities nor paranoia, it's a user
> requirement based on what they were previously using.
Then you might want to look at the code of what they were
previously using, and see how that compares to the Python code
currently in Mailman.
--
Brad Knowles, <brad at stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.
More information about the Mailman-Users
mailing list