Span in the lists

Polytropon freebsd at edvax.de
Sat Mar 5 17:02:56 UTC 2016 

On Sat, 05 Mar 2016 09:07:21 +0800, Ernie Luzar wrote:
> A molehill is something that only effects a few people. But saying that 
> all users of the different mailing lists should modify their personal 
> email software to filter out spam from the FreeBSD lists is just plain 
> stupid.

The amount of spam on this list is still so low that the
easiest way to deal with it is to press DEL a few times
(or click the corresponding delete button in the GUI).
It's less than 10 spam messages a day, and I'd guess that
it's less than 20 per week, maybe per month. The spam level
is so low that I can't even tell you proper numbers.



> It's FreeBSD goal to present it's self as a professional 
> organization, but yet the powers to be are still stuck in the past. 

Basically, you're right, but the experience on this open list
is still much better than on others. I know several people who
consider themselves "professionals" and they partiticipate in
closed mailing lists (even without public archives); stangely,
some of them have to deal with 50+ spam messages per day...



> Maillman is the software application used for all the 'lists' and its 
> designed with user registration built in. Its simple to turn on.

This would make the list less open, but yes, I agree, this is
an alternative that should reduce spam a little bit. But in no
way it's possible to eliminate spam entirely.



> Posting to the list is only half of the problem. What about all the spam 
> sent to list members email address that got harvested because all posts 
> show the posters email address? Again the solution is right in front of 
> us. Mailman software also has config option "anonymous_list" which stops 
> putting real email addresses in list posts.

Correct! But if you're going this route, you'd have to postprocess
each messages content, not just its header. And you'd have to be
very careful not to eliminate false-positives that look like e-mail
addresses (of list members), but aren't. The messages header should
be easy to "clean", and the initiator of the messages the participants
receive then is the list mailer itself. This however eliminates the
possibility to send off-list replies (sometimes intended by the poster).
Then _in_ the message (the message content) we have the quotation
headlines, "On Sat, 5 Mar 2016 09:07:21 +0800, Bob <bob at example.com>
wrote this:", as well as possible addresses inside the message, like
"ask the maintainer bob at example.com for the experimental patch".
I think it will be much harder to deal with that. Just imagine all
the ways the @ sign can be used in code snippets... ;-)

Then you didn't forget about the fact that the list content is
being published on the web, for spammers' scrapers to harvest.
It's additionally being mirrored by other sites which can be a
source for possible addresses.

Note that not all spam is sent through the list (or toward the list);
often it is sent to harvested addresses directly which would imply
that the mailing list configuration can do nothing about it - the
recipient has to act here. Training your spam filters should not be
that hard, it can be done on various stages (own mail server, mail
message delivery system, GUI client, whatever).



> Its time FreeBSD steps up to the plate and takes the normal steps to 
> tighten control over the lists at the central source instead of forcing 
> the list users to do it.

As I said, problems happen on various levels, one of them being a place
where the list configuration managers can step in and act.



> There is no defense that can justify keeping 
> the lists from registration.

That would indeed be possible. I cannot imagine of real downsides,
but maybe there is actually an important reason _not_ to require
registration?

If I make up my mind, I can only think of a situation like this:
A person wants to request help, but cannot receive e-mails because
they are redacted by corporate headquarters, oppressive governments
or other ways of stupid regulation. He can _send_ a question to the
list and wait for answers. He can still read them on the web mirror
of the list.

Is it possible to imagine a situation like this?

Are there maybe other situations where "no registration required" is
an important feature to have?



> Lets get with the times and demonstrate how 
> professional FreeBSD really is.

You know, turning an open community into a walled garden is not a sign
of being professional. :-)


-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...

More information about the freebsd-questions mailing list