James M Galvin wrote:
On Fri, 15 Mar 2002, Joe Touch wrote:
A nontrivial number of users utilize employer-independent email
destinations, such as *(_at_)ieee(_dot_)org, *acm.org, etc.
I'm not willing to write-off that as ignorance of how email works.
Sorry, you lost me here. I thought the point was that people do have
those email addresses. All I'm suggesting is that they should originate
their email from those addresses
Many current mail ports (SMTP) won't allow users to 'spoof' their source
email address. They prohibit mail entering their system UNLESS it is
either TO or FROM their known list of users. That's why this all fails.
> and believe if they know enough to have
such addresses then they know enough to do that.
Knowing enough to do it isn't the same as being able to do it.
These are destination-only addresses, used for forwarding. I tried this
with Mailman (presumably a "modern" application?), to which I had
subscribed touch(_at_)ieee(_dot_)org; it held it for approval. My options as
moderator are: approve, reject, defer, or discard. No option for 'add to
list of approved senders' - that requires more steps, for ME (not under
the control of the sender). There are no options for the user to be able
to add or control aliases.
Or is Mailman not modern?
Mailman is modern. Like its counterparts you can have an "authorized to
submit but do not receive" functionality. I believe the issue you're
raising is that mailman, like its counterparts, does not have an
integrated means to manage the exception list.
That is not to say that you can not "automatically" manage the exception
list. You just have to set it up. LISTSERV (and my service) has a
NOMAIL feature. I believe with all of majordomo, mailman, and Lyris you
can setup a "list" to be your exception list and then you configure the
real list to also look there when checking "permissions".
Yes. How do entries get added there? Why don't I have to check that?
It's hard enough to get users to manage their own entries; requiring
users to subscribe every alias to this 'permission list' is overkill.
> In any case the penalty for getting
> it wrong is delay, not censorship (at least in the case of the IETF
> guidelines).
Nope - the penalty is WORK for the moderator too.
Agreed, but the work is once per email address if you add every
exception to the "authorized" list as you discover them.
I run what most would consider moderate to small lists of 1500. That is
simply too much work.
Joe