Some updated list stats, etc.:
A fair increase (7.5% increase in total uniques) since I last checked (see references),
list subscribers (does include also those with delivery disabled): $ wc -l */memb*`date -I` 28 balug-admin/membership_2007-12-28 336 balug-announce/membership_2007-12-28 261 balug-talk/membership_2007-12-28 $ sort -u */membership_*`date -I` | wc -l 518
e-mail addresses that are subscribed to "talk", but *NOT* subscribed to "announce". $ { sort -u balug-talk/membership_`date -I`
cat balug-announce/membership_`date -I` \ balug-announce/membership_`date -I`; } | sort | uniq -u | wc -l
177 That will soon get "corrected" ... policy has been changed, and for those that don't ask to be excepted, if they're on "talk" (or "admin") but not on "announce", they'll get added to "announce" unless they follow the procedure to get added to the exception list (this has been mentioned now on the "talk" and "admin" lists ... I'll wait a few days or so for folks to ask to be "excepted" - and then add those that don't ask to be excepted to the "announce" list - I plan to do this *early* next year - before we do our next send to the "announce" list).
I also restricted access of the list roster to the list admins - to prevent potential abuse (e.g. by spammers). Those that have access to the balug group on new.balug.org can also read periodically archived copies of the list roster and backup copy of the archives ( file://new.balug.org/home/balug/e-mail_lists/ )
references: http://lists.balug.org/pipermail/balug-admin-balug.org/2007-October/000419.h... http://lists.balug.org/pipermail/balug-talk-balug.org/2007-December/004105.h... http://lists.balug.org/pipermail/balug-admin-balug.org/2007-December/000470....
Quoting Michael Paoli (Michael.Paoli@cal.berkeley.edu):
I also restricted access of the list roster to the list admins - to prevent potential abuse (e.g. by spammers).
Uh-oh.
I think we need to talk about that, because I think it's an extremely bad idea, and am delaying un-doing your change pending discussion primarily in the name of the spirit of consultation among admins. I.e., I _do_ expect to revert that change soon, but wish to discuss the matter first.
(In the future, I'd actually respectfully suggest you check with the other admins before making fundamental changes, rather than having us merely react to them retrospectively. I hope you don't take that as any form of personal criticism, as I highly respect you for showing leadership. Very likely, you assumed this was a no-brainer improvement, and I gladly acknowledge your benign intent.)
Making the roster accessible to listadmins only, as opposed to subscribed members, really doesn't help the "I'm hiding my address from spammers" people much, in the first place: Spammers can easily programmatically "harvest" the addresses of anyone who's ever posted, from the back-postings archives. Moreover, the "I'm hiding from spammers" people already have a less-drastic remedy that doesn't injure the transparency of the roster generally: Anyone who's _that_ concerned about his/her address never being seen in public need only set the "hidden" flag on his/her individual subscription.[1]
The harm done by setting the roster listadmin-accessible-only is twofold: (1) It prevents people from seeing whom they're sharing the list with, i.e., whom they're speaking to at the moment -- for no compelling reason whatsoever. I really think this is an important concern, and part of what it means to be a community -- to know _who_ (or at least what e-mail address) is participating with you, other than those who've explicitly hidden their addresses.
(2) Using the listadmin-accessible-only setting creates an implication of hypercontrol and creates the suspicion in the minds of many of us mailing list old-timers that this is yet another forum run by control freaks who like to "disappear" people they dislike while making sure that, lacking access to the roster, they write to their fellow members to protest the action. (You can rightly protest that we're not that sort of admins. The point, however, is that's the impression such settings naturally convey.)
I hope the above analysis doesn't come across as cranky or kneejerk: I've been through this discussion many, many times over a period of decades, and so please accept my apologies in advance if it seems harsh, peremptory, or insufficiently well explained.
[1] People here who are subscribed to the main SVLUG mailing list, whose roster is viewable by any subscribed party, can see the effect of that flag's use at http://lists.svlug.org/lists/roster/svlug . For the benefit of those who aren't, the roster starts out with this header data:
436 Non-digested Members of svlug: 166 Digested Members of svlug: (11 private members not shown) (4 private members not shown) [list follows below that] [list follows below that]
The "11 private members" and "4 private members" are those who've set the "hidden" flag on their individual subscriptions.
The SVLUG list's listinfo page includes this advisory in strong-tagged text, to further warn in advance any I'm-hiding-from-spammers people:
Our public message archives display unobscured posting addresses. If you're trying to hide your e-mail address from spammers, do not post from that address.
Correcting an accidentally omitted word:
(2) Using the listadmin-accessible-only setting creates an implication of hypercontrol and creates the suspicion in the minds of many of us mailing list old-timers that this is yet another forum run by control freaks who like to "disappear" people they dislike while making sure that, lacking access to the roster, they write to their fellow members to protest the action. ^ cannot
And yes, I've seen a couple of mailing lists where such warning signs _do_ correctly indicate that such passive-aggressive, control-freak behaviour is endemic among the listadmin staff.
By the way, speaking of typing gaffes, I just did some very minor and insufferably pedantic copyediting fixes to the new text on the listinfo pages:
o "subscribed": You accidentally omitted the "r". o "Web": Being a proper noun in this context, it needs an initial capital. o "Linux": Since it's not an acronym, "LINUX" really wasn't right.
I also bestowed a few initial capitals, closing periods, and commas where needed. (Yeah, I know most people lack the pedant gene, and am not complaining. I just want our pages to look the best they can.)
Quoting Rick Moen rick@linuxmafia.com:
(2) Using the listadmin-accessible-only setting creates an implication of hypercontrol and creates the suspicion in the minds of many of us mailing list old-timers that this is yet another forum run by control
And yes, I've seen a couple of mailing lists where such warning signs _do_ correctly indicate that such passive-aggressive, control-freak behaviour is endemic among the listadmin staff.
Well, hopefully "we" (BALUG) aren't too likely to run into such problems ... though it's not necessarily always feasible to alay all suspicions.
I generally try to be sure we've got at least 3 or more people that have control of any one resource - particularly critical resource(s) - so we can avoid single points of failure or other nasty bottlenecks or problems. We're not quite fully there, but we're fairly close. E.g. 3 folks have full access to BALUG stuff on DreamHost.com (though 1 has ultimate control), new.balug.org/sf-lug.com. has 3 or more folks with full access (except physical access - we should eventually tweak that a bit) - upcoming / in-process system/resource builds generally have similar access (e.g. 3 or more folks) or such is a work-in-progress. On the lists, there are numerous folks that have the list admin password, though the present list hosting has ultimate DreamHost.com dependencies - at least at present. We also have backups of at least the most critical stuff that's presently on DreamHost.com - so if we ever had to do a rough transition, it would be feasible. We're working on DNS (still in the hands of exactly one busy person - but amenable to changing that).
As the number of subscribers on a list increases, and if all on the list can get the e-mail addresses of everyone on the list, the probability of abuse increases (e.g. we'll likely soon have over 500 e-mail addresses on our "announce" list). We probably have "more than enough" folks that have access to the list roster (probably at least half a dozen or more folks) - so the probability of someone successfully coopting the list and denying access to most or all of the subscriber e-mail addresses to BALUG is quite low.
Some of the denying list roster access to all subscribers is also driven by administrative laziness^Wefficiency - the quickest and easist way I presently have* to grab list of subscribers (for our backup purposes) doesn't show those that have set their option to "hide" their name/e-mail from the roster - by not letting all subscribers have access to the list, and by clearing that "hide" option where it's set, it allows easier grabbing of all the addresses for backup purposes (admin can find the "hidden" addresses anyway, ... it's just more of a pain to get to them) ... but I wouldn't want to expose the "hidden" e-mail addresses to all subscribers, either. I also removed the text from the list descriptions that indicates whether or not the roster is available to all subscribers - I figure it's simpler to not explicity state what's the case (and run risk of text not matching current practice), and whether or not roster is available to all can be change as/when needed or appropriate as an administrative decision - without need to change the list description again or imply that we'll necessariliy keep it set one way or the other.
*if you know of something easier, let me/us know. Note that we're rather restricted on our DreamHost.Com hosted service. Easiest I know of so far is, e.g.: http://lists.balug.org/roster.cgi/balug-announce-balug.org
By the way, speaking of typing gaffes, I just did some very minor and insufferably pedantic copyediting fixes to the new text on the listinfo pages:
Ah, ... thanks. (Yes, I didn't get all "A"s in English).
o "Linux": Since it's not an acronym, "LINUX" really wasn't right.
Yes, ... bad old habit ... I'm trying to get myself to generally use Linux instead of LINUX.
(Once again, apologies in advance if through impatience and overfamiliarity with this issue I come across as too brusque.)
Quoting Michael Paoli (Michael.Paoli@cal.berkeley.edu):
Well, hopefully "we" (BALUG) aren't too likely to run into such problems ... though it's not necessarily always feasible to alay all suspicions.
That natural suspicion -- which I'm not sure you're taking seriously enough -- is of course part of the problem, but there's also the other part I cited: In a Linux online community, the ability to see who else is participating (or at least the posting addresses) is, I maintain, an essential and natural part of the community process. As I've pointed out, the "hide from spammers" reason you originally cited simply doesn't hold water for several reasons.
That leave the reason you just posted: your ability to screenscrape the HTML version of the roster without having to clear members' "hidden" flags, first.
*if you know of something easier, let me/us know.
Since, lacking shell access, we cannot use /usr/lib/mailman/bin/list_members , what comes to mind for a programmatic solution is:
1. Clear "hidden" flags via the admin screens, capturing the addresses for which you do this. 2. Screenscrape the resulting roster screen. 3. Re-set the "hidden" flag on the members affected.
As the number of subscribers on a list increases, and if all on the list can get the e-mail addresses of everyone on the list, the probability of abuse increases (e.g. we'll likely soon have over 500 e-mail addresses on our "announce" list).
Part of the price of participation in a public community is that you might get contacted by jerks. As mentioned, people who wish to participate but not let the public see their e-mail addresses already have the means to do so (though they'd also need to make sure they never post). It's just not reasonable to cripple the transparency of our mailing lists just because someone, some time, could send people mail they don't want. For one thing, your change _doesn't even prevent_ them from doing that: It means only that they need to carry out that misdeed via the mailing list itself, possibly using throwaway webmail addresses if they intend to commit repeat offences.
(That having been said, there is no compelling need for the _announce_ list's roster to be accessible to anyone but the listadmins, as it's not a community forum. I was referring to the other two, which are.)
We probably have "more than enough" folks that have access to the list roster (probably at least half a dozen or more folks) - so the probability of someone successfully coopting the list and denying access to most or all of the subscriber e-mail addresses to BALUG is quite low.
Setting aside the fact that I spoke of the public _impression_ of likely listadmin abuse created by deployment of such settings, not the probability of that abuse actually occurring, sadly, what you claim above turns out to be non-sequitur: There have been many cases (elsewhere) of listadmins carrying out personal measures against members that their fellow admins never noticed, and indeed had no easy means to see at all. This is especially easily done on Mailman installations such as Dreamhost's where the listadmins don't have access to Mailman's logfiles, the only complete record of who has done what.
I also removed the text from the list descriptions that indicates whether or not the roster is available to all subscribers.
Well, I'm putting it right back, after sending this mail, and changing the rosters of balug-talk and balug-admin back to subscriber-accessible, for reasons cited. I'll readily admit to feeling strongly about the latter point, but it's the fruit of very long experience as a listadmin.
(I'm putting the roster access text + markup back onto the balug-announce listinfo page, too, because, well, it's useful to the listadmins, darn it.)
And, _please_, again, let's all consult before suddenly changing key mailing list settings. For one thing, it's a real pain to have to consult other Mailman installations to re-find the markup you removed from the listinfo pages without consulting anyone else.
I'm not asking for unique consideration on account of the coincidental fact that I happen to be BALUG's sole listadmin at the moment, but I do think that I (along with this group of admins generally) should have been meaningfully consulted and not merely informed after the fact.
Correcting myself:
I also removed the text from the list descriptions that indicates whether or not the roster is available to all subscribers.
Well, I'm putting it right back, after sending this mail, and changing the rosters of balug-talk and balug-admin back to subscriber-accessible, for reasons cited. I'll readily admit to feeling strongly about the latter point, but it's the fruit of very long experience as a listadmin.
Apologies: I mistakenly thought you were saying you had removed the entire feature of roster access (which one _can_ also do). You merely meant that you'd removed what produces the phrase "This is a hidden list, which means that the list of members is available only to the list administrator."
I actually do think that such standard advisories should be left in place, because that's where people expect (from familiarity with Mailman elsewhere) to see what the policy is -- and so that people are not surprised.