In message <380739A5.23E6AE81@encephalon.com>,
Steve Bergeon <firstname.lastname@example.org> wrote:
>Yeah it's simple, even simplistic. Also reactive and after the
>fact. You all would rather have your beepers go off and have
>to scramble around at whatever hour to close the barn doors
>after the fact rather than be proactive and enforce a policy
>by the use of technology?
I've kept quiet so far, because I personally have already had more than
my share of these sorts of arguments with people in the past, and because
I don't actually have either the time or the inclination to get embroiled
in yet another one at this moment.
But let me just say two things...
#1) I am _very_ sympathetic to your position, for reasons that are well
known to some/many members of this particular mailing list.
#2) Regardless of that fact that you may have found a kindred spirit in
me, in general, you are going to find your position, and your argument
to be an extremely "tough sell", both here on this list, and elsewhere
on the net.
The reasons for that are complex and varied. There are undoubtedly many
many cases of system administrators who are either too lazy to apply all
necessary and proper automated security measures to protect their systems
from outside activities that they disapprove of, or else who are not in
a position to adequately apply such measures because of limitations of
the operating systems and/or harware that they, perhaps through no fault
of their own, are stuck using. Simply telling these people (in effect)
that they ought to get their acts together will NOT win you any friends
OR make you very many converts. Trust me. I know.
Separately however, chiding people for what would superficially seem to
be serious gaps in security with respect to anything related to E-mail
(e.g. mailing list subscription requests and their processing) is not
entirely fair to the people you are chiding. Something that people
(including myself) sometimes lose site of is the fact that E-mail, by
itse very nature is _designed_ to be ``insecure''. Most folks (and most
mail servers) accept E-mail from literally anybody. This is by intent.
Obviously being "open" in this way to a world full of real and potential
miscreants creates many kinds of "security" hazards, but until better
tools and technologies are developed which give admins better control
over the E-mail traffic that flows into or out of their systems, most
simply have only two choices in the matter... i.e. accept E-mail from
outside, and live with the implications and hazards of that, or else
give up and stop running a mail server altogether.
So far, most people, including myself, have elected the former alternative,
even though we know this effectively open us up to all sorts of creative
abuses (e.g. mailbombing, subscription bombing, etc., etc.) on the part
of the innumerable miscreants on the net these days, but just telling us
to work harder to deploy more automated security (in order to protect
ourselves from such problems) is not really a productive, polite, or
appropriate thing for you to do until such time as better "E-mail security"
tools/controls are available which will allow us to do exactly that.
Having said all that, I should also say that I _do_ feel that you are
pushing on an issue which _needs_ pushing on. The implementors of
mailing list packages (some of whom are here) need to think longer,
harder, and deeper about implementing more and better "security controls",
for example, automated checks that will automatically shut down the perp,
if and when a whole set of subsubscription requests comes in (for a given
subscriber address) in rapid succession.
When and if such controls become generally available, THEN you can properly
chide anyone who fails to use them to automatically protect their sites.
But until then, your chastizements are not particularly productive.