[Mailman-Users] AOL redacts user addresses even with VERP and full personalization enabled

[Lindsay Haisley]

On Mon, 2012-06-18 at 14:59 -0400, David wrote:
> In terms of privacy, as list admins we already have the member's
> information. All we are doing in this case is helping that member stop
> receiving messages they obviously no longer wish to receive. This is
> clearly not an invasion of privacy (especially with a properly
> encrypted implementation). It is a service to the individual (and to
> the entire list membership and even the Internet as a whole, I think).

Dave, you're spot-on in this assessment, and this is the way I run my
business.  Unfortunately, the Internet is no longer the kinder, gentler
network it was 15, or even 10 years ago.  In terms of an effective and
progressive attitude toward customer service and satisfaction, AOL's
position is 180 degrees counterintuitive and makes NO sense whatsoever.
It only makes sense in terms of butt-covering!  In that context, it's
totally logical.  AOL has for years, perhaps always, been infamous for
the lousy quality of their email service.

FWIW, pursuant to Stephen's comments re. using encryption rather than
hashing for passing recipient addresses in headers, I've attached a
short Python script which puts short strings of data, such as an email
address, into an AES cipher.  This could be folded into the Mailman
handlers and AES_SECRET_KEY could be put into mm_cfg.py.  Hacks to
SMTPDirect.py to incorporate an encrypted cipher of the recipient
address could make use if it.  I believe all the Python modules it uses
are standard issue with the distribution.

-- 
Lindsay Haisley       | SUPPORT NETWORK NEUTRALITY
FMP Computer Services | --------------------------
512-259-1190          | Boycott Yahoo, RoadRunner, AOL
http://www.fmp.com    | and Verison