Re: Poll: Should mhonarc.org mail archives hide mail addresses
On Jan 3, 2004, at 12:14 PM, Earl Hood wrote:
and I apologize in advance if I go running down another rathole...
Basically, it comes down to informed choices. I've tried to note
in the documentation that posts to the lists will be displayed in a
public manner and that address hiding/masking techniques may *not*
But this creates more questions, like, "are the users knowledgable
enough to make that informed decision?" -- or is it the admin's job to
set up a list environment where the admin makes those decisions so the
user doesn't have to? What's the user's expectation here, and
I could argue both sides of this (but I won't). it depends on the group
and the nature of the list. But I lean towards it being the
responsibility of the admin to create a list environment that the user
doesn't have to evaluate whether or not is safe to use. If it's not
safe to use, why create it?
and to push that point to absurdity, a real truth in advertising
announcement for a list that publishes email addresses to the web
without restriction today is "posting to this list will guarantee that
spammers will get your e-mail address and start sending it spam". And
how many users, if it was spelled out that explicitly, would say the
list admin was doing their job?
I know from talking to list users a lot on the servers I run, their
expectation is that what they use is safe. If they stop thinking that,
they scatter to the winds. And arguably, they should.
Right now, I do not know what the stats are of people who have decided
to not post to the list because of the public nature of the archives,
hence the poll, which people can respond to me via private mail if
posting is a problem.
there are actually multiple issues here, because you not only have all
users, but key contributors, or potential key contributors.
To attempt to not spread this into a general "best practices" or "what
the net ought to do" argument again, here's how I view it as far as the
MHonArc archives specifically:
1) I think it's a bad thing if a user who needs support on MHonArc has
to subscribe to the list and post to it to get an answer, when doing so
exposes their email to spammers. (and if you think about it, as people
become more aware of this "posting to lists with unprotected archives
gets you spammed" issue (most users, honestly, still have no clue about
these things, another argument for the admin taking proxy action and
not depending on "informed consent"), what you do is drive users off of
the list and to private e-mail, meaning because they won't use the
list, they'll email Earl directly, whcih seems the wrong thing to
2) it's a worse thing if the person above asks the question, but gets
no answer because the person with the answer won't, or has left the
list. This is why the attitudes of the key contributors are even more
important than general attitudes here -- they are the source of your
value and information on the list. When I've had these issues on my
lists, I've actually gone into the archives, identified people who used
to be key contributors who've stopped, and tried to track them down to
find out why. It's usually eye-opening (and scary). Perhaps the user
will get an answer from a key contributor privately, because they've
stopped posting -- and that invalidates having archives, since the
answers aren't there for future research.
Speaking personally, I've left a number of lists that didn't/wouldn't
protect their archives, and become spectators in others. While my
address is widely out on the net and I can't pull it back (although i
do where I can), and my account is heavily spam-protected -- I am not
interested in continuing to add to that public visibility
unnecessarily, so I can say that there are a number of times I've
chosen to not ask questions here, but instead changed approaches if I
couldn't pull an answer out of the archives, and I don't answer
questions here that I might otherwise, although I wouldn't call myself
a potential key contributor, either. But losing one or two of your top
2% of contributors is a major loss, and losing a small group out of the
top 10% is a serious one. And if your list is similar to the
tech-oriented lists I run, you have, and as the open-archive -> spammer
connection becomes better known, that'll accelerate.
BTW, Net users should be aware that posting to an open list is
making a public post. The technical nature of the Net makes it
possible for anyone to archive a list, as has been done with mhonarc.
But again, the admin is in control of that. All of my lists have rules
of usage stating you can't create a public archive without permission
of the list owner, and if we find a "pirate" list out there, we get it
shut down. if we don't get cooperation, the archive gets blackholed so
at least no new material gets into it, and that usually gets their
attention. So with some simple actions, you stll control the destiny of
your content to a good degree.
the fact that these things are public means you can't 100% guarantee a
user's safety from spambots and the like. The fact that you can't 100%
guarantee it doesn't, I believe, give an admin the chance to avoid any
responsibility here and do nothing to protect their users. I think it's
the admin's responsibility to take reasonable and practical actions to
protect their users from harm coming from them from using the list.
also have archives of the user's list, and I have no real control
over those archives.
yes, you do, if you choose to exert it.
If a poster wants the best insurance of protecting their address when
posting to a public mailing list, they will have to protect their
address within the message itself.
What is the more reasonable action? To assume that everyone,
everywhere, become knowledgable enough and teechnically savvy enough to
protect themselves from the spammers, or for the much smaller pool of
admins, who are already generally technical and saavy about these
things and who control the choke points spammers depend on to do the
implementation for their users? (and taking it a step further, what
about the tool implementors that build the tools that the admins use to
build their sites that users use?). What is the most efficient use of
resources? What is the most effective?
I argue it's not "throw it at the feet of the user and pretend it's
their problem". it's your archive they're using. You're effectively
telling them to protect themselves from your archive, becuase your
archive isn't safe. To me, that's like saying "if you get on the bus,
invent airbags, because as the driver, I see no reason to drive safely,
so if we get in an accident, you need to be able to protect
and that's probably more than enough for most folks, so I'll shut up...