David W Tamkin <email@example.com> writes:
> Russ explained,
> | Based on my memory of that discussion, the official stance of the
> | people actually running gmane is "You can submit lists for archiving,
> | and we trust you not to do anything stupid. Submitting lists that
> | don't want to be archived is something stupid -- don't do that."
> If that's the case, then gmane management are not slinking around for
> lists to grab: they're just na´vely believing anyone who says "this list
> I know of wants you to archive it." So they're like a mailing list that
> accepts obviously forged subscriptions without confirmation.
Right, exactly. And given that the project started as a neat idea on the
Gnus mailing list and the only people adding things to it at first were
Gnus developers who can generally be trusted, it doesn't surprise me at
all that there aren't adequate safeguards in place.
Basically, I think the most likely explanation of the problems you all are
encountering is that the project didn't scale all that well and now needs
to have some security retrofitted onto it because there are now people
adding lists who can't be trusted to have done their homework.
Russ Allbery (firstname.lastname@example.org) <http://www.eyrie.org/~eagle/>