Re: Prevalence of mailing-list bombing
"Ronald F. Guilmette" <rfg @
Thu, 30 Apr 1998 10:17:26 -0700
Your message of Thu, 30 Apr 1998 10:59:10 +0200. <199804300859.KAA00886@leibniz.math.ethz.ch>
In message <199804300859.KAA00886@leibniz.math.ethz.ch>,
Norbert Bollow <email@example.com> wrote:
> Surely I understand your anger. But I still think you're overreacting
>a bit. I think that instead of posting four-letter words, you should make
>a post in polite yet very clear language which says essentially the same
>things, and in addition recommends a consultant who is willing to assist
>clueless list-admins with setting up their lists properly, for a fee of
Do you have a URL for such a list?
>> I often wonder that exact thing. I especially wonder about it
>> each time some lout of a list admin allows me to be
>> forge-subscribed to a non-confirming mailing list he/she is
>Hmm... is there a standards-track RFC yet which specifies that all
>public mailing lists MUST use a subscription procedure which is
>strictly *opt-in* and properly secured against forge-subscribes?
I don't know of any. I also don't know of any law that says that you
shouldn't put used chewing gum in the coin return slot on pay pay phones,
but fortunately, most people are smart enough to realize on their own
that doing so is fundamentally anti-social.
>> It takes _both_ a net-hooligan _and_ an incompentent/careless list admin
>> to create one of these forged subscriptions. Remove either one from the
>> equation and these things no longer happen.
>True... but many of the most valuable lists on the internet are run by
>people who are not knowledgeable about the technical aspects of proper
>These people are competent in other areas and they
>deserve our respect for their work in areas where they're competent.
It seems altogether self-evident to me (as I trust it does also to the ma-
jority of people on _this_ mailing list) that simply having a skill or some
special/advanced knowledge in some particular area of human endeavor is _not_
a sufficient qualification, by itself, to run an E-mail mailing list on the
Internet. Open heart surgeons, bacterial palentologists, and international
tax experts quite certainly all have specialized and advanced knowledge
which the average netizen lacks and which might be usefully applied to the
task of _moderating_ mailing lists dedicated to these subjects, but as time
progresses and as the net become ever more populated with bozos and net-
hooligans, it is more and more clear all the time that the day-to-day me-
chanics of the _administration_ of a mailing list is something which, for
all our sakes, is best left in the hands of people well versed in _that_
specialty. I mean let's face it... there _are_ many case in everyday life
where you want to have someone doing the job who really knows what the hell
they are doing. You would not allow a person with three advanced degrees
in the history of the Middle Ages do your next root canal no matter how
brilliant they appeared to be in their chosen field. Likewise, just be-
cause some bloke is widely recognized as one of the world's foremost author-
ities on fluid mechanics, that does not imply that he understands the word
``bounce'' in the content of E-mail mailing lists, that he would know what
to do with one if he got one, or that he should be allowed within a country
mile of a majordomo configuration file.
Along with many other things which have been rendered obsolete by the arrival
of the Great Unwashed Masses, amatuerism in systems administration _and_ in
mailing list administration is no longer a viable option on the modern In-
ternet. You would not allow a professional endochronologist to install a
security/alarm system in your house or car simly on the basis of the fact
that ``he must be smart'' (well... _I_ wouldn't anyway) and I see no com-
pelling reason to make a similar sort of mistake when it comes to systems
security arrangements or mailing list security arrangements on the Internet.
>I've been on the net long enough to know better than to be surprised or angered
>by the occasional flame war, but I am still convinced not only that there
>is a better way but also that is plain wrong to classify anyone as
OK. Give me a different word then. What do _you_ call it when someone gives
_both_ the keys to the car _and_ the keys to the liquor cabinet to a group
of teenagers on a Saturday night? As far as I'm concerned, when list admins
setup things so that they are blindly accepting forged subscriptions, that
is almost the same thing.
>BTW, I'm sure it would be possible to design an e-mail filter that will
>automatically post a properly-worded message to any e-mail list to which
>you get forge-subscribed.
That's rather besides the point, don't you think?
Just because _I_ have sufficient skills to protect myself from all of the
miscreants and incompetents on the entire global Internet, that does not
mean that the rest of our online society is similarly fortunate. I worry
about all of the rest of you as much as I worry about me, and the Right
Place to stop stupidity is as close to the source as possible... *before*
its effects leak out all over the planet. (My years in the spam wars have
taught me this lesson all too well.)
-- Ron Guilmette, Roseville, California ---------- E-Scrub Technologies, Inc.
-- Deadbolt(tm) Personal E-Mail Filter demo: http://www.e-scrub.com/deadbolt/
-- Wpoison (web harvester poisoning) - demo: http://www.e-scrub.com/wpoison/