mailing list privacy, etc.

Fri Apr 15 17:51:01 UTC 2022

Hi,

I wasn't on this list when the mentioned spam incident occurred, but I
experienced a similar thing on another mailing list, with basically the
same attack scenario, except my address was getting subscribed to
newsletters and other mailing lists.

Given quite a few of them were unavailable in EU, repeated unsubscribing
was quite an operation.

But except the drag of cleaning things up, there was not much else to
deal with. The list administrators have removed the problematic
addresses, and everything was fine again.

In this regard, I view the current list privacy policy as unnecessarily
overprotective.

It would make sense, *if* Blinux list was the only mailing list the user
is signed in, or if significant amount of the other-ones were doing the
same thing.

But what is the reality?

The reality is, that I'm signed up in 9 different mailing lists right
now (and the number was even higher in the past).

And Blinux is the only-one of them hiding the eMail addresses in
communication.

If a spam wave were to attack, there are plenty of other attack vectors
than this list.

And I'm likely not the only-one in a similar situation. I suppose a
considerable part of this list is also on the Orca mailing list, and
many, many other communities have their own, where the users may be
registered.

If someone is concerned about spam waves, they may consider using a
separate address or address alias for mailing lists, which they can
discard if necessary.

Hiding addresses on the list not just makes communication highly
inconvenient, as you can't address people, and neither observe their
behavior and identify the ones with... say lower assertivity skills, but
another issue is private communication.

There are situations, when you need to ask or tell a person something
that is off-topic for the list or contains private information.

In such cases, asking for a contact and exchanging addresses (even the
single address), raises far more attention and space than a simple
private thread reply would.

Thus, if the spam source was removed back in the days of the incident,
I'm definitely for turning the names and addresses on.

And if the incident repeated, we could also very well just move the list
to a different provider, with stronger sign up security measures. There
are many to choose from.

Best regards

Rastislav

Dňa 15. 4. 2022 o 0:14 Linux for blind general discussion napísal(a):
> If we get spam, which I mean that happens regardless, from
>> online account leaks of your email address, to going on dubious sites and
>> submitting your email because you got a text saying you won $500, spam is
>> gonna happen. If your mail provider, or mail server, or email client, can't
>> deal with spam, usually by you marking an email from a sender as spam and
>> the program automatically marking further messages from that sender as spam
>> too, then that's a problem with your setup, not the list.
>
> You were not here when this happened, so you are not understanding the
> problem that occurred. Every time anyone would post a message to this
> list, that person would get inundated with hundreds of pornographic spam
> messages, not all from the same sender, and even the major email
> providers like Gmail and Yahoo couldn't keep up. Hundreds would come in
> to one individual's mailbox, and 30 or more would survive all the spam
> filtering thrown at them. I wouldn't say that the problem was with the
> list itself, or even with its administration, but I do know that it
> wasn't bad spam filters that were to blame. Yes, spam will happen no
> matter what. It's just part of email. But this was truly out of control
> and something had to be done quickly to fix it. I'm not necessarily
> arguing that this measure still needs to be taken in this way even now,
> but it was the best solution at the time.
>
> ~Kyle
>
> _______________________________________________
> Blinux-list mailing list
> Blinux-list at redhat.com
> https://listman.redhat.com/mailman/listinfo/blinux-list
>