[Mailman-Users] Autoresponder and privacy

Wed Apr 6 09:31:37 CEST 2011

Dear Stephen,

Thank you for your prompt help.

If I've understood you right, it's going to be difficult for me to do
anything beyond warn people. Apart from moderate all messages, which would
be OK a lot of the time but sometimes we have very talkative days and of
course sometimes I'm away. I'm in the UK and don't know what the legal
situation is about trying and failing.

> Note that Mailman private archives are not terribly secure by default;
>you might not want to allow access even with in the privacy setting.

How insecure? Are they more vulnerable than a members-only Yahoo or Google
group for example? Are they protected from search engines? Would someone
have to make a deliberate effort to hack in to read the archive or could
someone come across it by accident, say through a search engine?

I think if it would take someone with some technical knowledge, deliberately
looking for it to get in, that would be safe enough. I will add a warning to
the FAQ that someone could deliberately hack in and bring it to their
attention. One thing I'm suggesting is that people could set up and email
account with a nickname so they wouldn't so easily be identified.

Thanks.
Clare

-----Original Message-----
From: Stephen J. Turnbull [mailto:stephen at xemacs.org] 
Sent: 06 April 2011 01:10
To: Clare Redstone
Cc: mailman-users at python.org
Subject: [Mailman-Users] Autoresponder and privacy

Clare Redstone writes:

 > I can warn everyone about this and suggest that, if they don't want
 > their details revealed, they only use an address that they won't
 > set out of office.

As Mark said, this is in some sense the best you can do.  It's not
really possible to filter on "contact details", although "phone
number" could be done (assuming you know that you have a certain
country's phone number, and that country isn't Japan, which has almost
as many phone number formats as it does phones).  But you'd need to
moderate and edit the messages by hand; automatically removing contact
details is beyond the state of the art at the moment.

 > But is there anything else I can do? Privacy is important in our
 > group so I would like to do what I can,

Note that in U.S. law in some jurisdictions, you may be liable for
damages if you make an attempt to protect a person and fail[1], while
no liability is incurred if you do nothing.  Sad but true.  Talk to
your lawyer.

That said, you can filter out signatures.  There's a standard "in
message" format, which assumes that everything following a line
containing *exactly* two hyphens followed by a space, no more and no
less, is a signature.  The details of actually removing the signature
are somewhat messy (everything in mail is between somewhat messy and
"after the bomb hit"), and many people (and the occasional
"professional" program) set up the signature wrong, so it's
smart-people-proof, but fool-weak.  There are other standard ways to
set up a signature, too, and you could filter those out as well.

However, automatically editing messages is almost certain to result in
lost information at some point, and there is no way to guarantee
you'll catch all inadvertant revelations.

 > Meantime, I may unsubscribe this person so no-one else gets her out
 > of office message.

Set such subscribers to no-mail, instead.  Then they don't lose any
personal settings and can turn the list back on for themselves when
they return.  If there are private archives, they can continue to
access those.

Note that Mailman private archives are not terribly secure by default;
you might not want to allow access even with in the privacy setting.

Footnotes: 
[1]  It used to be said that in New York City you could tell the
lawyers' houses in winter time because they didn't shovel snow off
their sidewalks.  A shoveled walk is more likely to be icy and slick.