The problem here is that what might appear to be a reasonable approach
and what can be proven to be a verifiable approach at reasonable cost
are not necessarily the same.
I would rather anticipate the problem rather than wait for an issue.
It is not just the message archives that are relevant, the membership
lists are also very relevant, as are the mail server logs. It is also
questions of procedure, does the mail server corrupt DKIM headers &ct?
it is also about notice, does the list provide appropriate NOTE WELL
advice on subscribing to the list and on regular intervals thereafter?
Easy to set up if all the lists are set up in one place, impossible if
they are all over the place.
It seems to me that we have reached the point where it is rather easier
to ensure standards are met by bringing the process in house rather than
asking third party list maintainers about their practices.
I would suggest doing this gradually by making in house maintenance a
requirement for all new lists as they are created.
-----Original Message-----
From: Russ Housley [mailto:housley(_at_)vigilsec(_dot_)com]
Sent: Monday, April 14, 2008 10:25 AM
To: Hallam-Baker, Phillip
Cc: ietf(_at_)ietf(_dot_)org; iesg(_at_)ietf(_dot_)org
Subject: RE: IESG Statement on Spam Control on IETF Mailing Lists
Phill:
When IETF lists are housed somewhere other than ietf.org,
they are supposed to include an archive recipient so that
there is an archive available at ietf.org (perhaps in
addition to the one kept at the place where the list is housed).
Russ
At 01:02 PM 4/14/2008, Hallam-Baker, Phillip wrote:
I would suggest that the IESG also think about hosting all
IETF lists
in house in the future.
The main reason for this is legal, a list that is maintained by the
IETF is much more satisfactory in a patent dispute than one run by a
third party. Last thing we want is to have patent trolls dragging a
third party list maintainer into a dispute while they try to
argue that
the list somehow does not count.
And yes, I am aware that the 'law', might be on our side here. The
problem is that it can cost a ridiculous amount of money to have a
court decide the most obvious and basic question you might imagine.
-----Original Message-----
From: ietf-bounces(_at_)ietf(_dot_)org
[mailto:ietf-bounces(_at_)ietf(_dot_)org] On Behalf
Of IESG Secretary
Sent: Monday, April 14, 2008 8:40 AM
To: IETF Announcement list
Cc: iesg(_at_)ietf(_dot_)org; ietf(_at_)ietf(_dot_)org
Subject: IESG Statement on Spam Control on IETF Mailing Lists
The following principles apply to spam control on IETF
mailing lists:
* IETF mailing lists MUST provide spam control.
* Such spam control SHOULD track accepted practices used on the
Internet.
* IETF mailing lists MUST provide a mechanism for legitimate
technical participants to bypass moderation,
challenge-response, or
other techniques that would interfere with a prompt
technical debate
on the mailing list without requiring such participants
to receive
list traffic.
* IETF mailing lists MUST provide a mechanism for legitimate
technical participants to determine if an attempt to post was
dropped as apparent spam.
* The Internet draft editor, RFC editor, IESG secretary,
IETF chair
and IANA MUST be able to post to IETF mailing lists.
The relevant identity information for these roles will be
added to
any white-list mechanism used by an IETF mailing list.
* There MUST be a mechanism to complain that a message was
inappropriately blocked.
The realization of these principles is expected to change
over time.
List moderators, working group chairs and area directors are
expected to interpret these principles reasonably and within the
context of IETF policy and philosophy.
This supercedes a previous IESG statement on this topic:
http://www.ietf.org/IESG/STATEMENTS/mail-submit-policy.txt
That statement contains justification and implementation
advice that
may be helpful to anyone applying these principles.
A separate IESG statement applies to moderation of IETF
mailing lists:
http://www.ietf.org/IESG/STATEMENTS/moderated-lists.txt
_______________________________________________
IETF mailing list
IETF(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
_______________________________________________
IETF mailing list
IETF(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf