Dave Crocker wrote:
A member of a mailing list I run complained about getting his mailing
list password, in the clear, every month. Apparently this is the
default for mailman and I hadn't ever thought about it.
That enforces the requirement that the owner of an email address, the
"data subject" in European privacy directives parlance, must be able
to amend or delete the relevant entry of the list.
Certainly the sending a password in the clear sounds like a terrible
idea and one might expect it to be enough to mandate turning the default
off.
The user should have been warned to choose a weak password.
So I thought I'd ask you all for opinions...
IMHO, it is annoying but practical, thus I'd vote yes.
As an alternative, we could have a generic mechanism that maintains a
distributed database of forwarded email addresses, so that recipients
can navigate to each entry point where their address is stored along
with a recipe for forwarding email messages. Besides the accompanying
chance to fix forwarding, that would provide a framework to seamlessly
manage
* mailing lists,
* newsletters, and
* ".forward" recipes.
It may be interesting to compare how those three models of forwarding
currently tackle this "privacy problem".