[H-SASIG] SysAdmin SPAM

[Russell Stuart]

On Fri, 2010-01-15 at 20:39 +1100, James Iseppi wrote:
> I find it concerning that we are directing all private requests to  
> single people (both the secretary for exec, and the librarian for  
> sysadmin), where there is absolutely no accountability about whether a  
> message was received. I can certainly see the point of creating the  
> sasig and admin lists to allow for more public discussion, but exec  
> and sysadmin should still be used as the primary contact points for  
> the club, otherwise we are constantly relying on one person to ensure  
> everything is actioned and there is also no record of what happened.  
> Openness is one thing, but accountability is also important, even if  
> it can't be open.

The primary contact points are now admin and sasig.  These are (well,
were) the addresses now listed as the primary contacts on our web pages.

We have not had any private requests to sysadmin, and my guess is there
is unlikely to be any.  My principle reason for believing that is the
sysadmin address didn't appear on any web page, so almost nobody knew
about it.  Obviously issuing a private request to a list you don't know
about is rather difficult, yet the club managed to survive with that
arrangement for almost its entire life.

Despite that, like you I was a little worried about requests being sent
to one address being lost.  That is what the contact page said to send
the request both to sasig and the librarian.  I'll grant you that is
clumsy.  But it is amazing how fast things change.  It looks like the
trac system setup by Raymond is going to work really well.   The way to
get something done will be to raise it in trac, and if there is any
secret information email it to the librarian.  Unlike the other system
that isn't clumsy, and I imagine the odds of the librarian not being
chased for it are fairly slim.  Thus within a few days of me updating
the web pages to say the contact point was "sasig", Raymond changed it
to say use trac instead.  Such is life I guess.

I also agree making the secretary as the primary for private
correspondence contact is not ideal, given the other arrangements we
might have.  But that is what our good secretary wanted, and before
computer systems were common addressing all your correspondence to "The
Secretary" of an organisation was the way things were done.  It has been
that way for centuries, and I note civilisation didn't collapse during
that time.  As it happens I firmly believe the traditional roles,
responsibilities that we western civilisations have developed over the
years work, and work well.  Hence my penchant for formal reports form
each committee member at every meeting.  And hence my disgust at LA one
year not having any financial reports to present, and this year not
being able to find the minutes for the previous AGM and yet still asking
the members to approve them at this AGM.  And hence also, my acceptance
of my secretary wanting to do things in a traditional way.

As it happens, I suspect private correspondence to the exec is as rare
as it has been to the sysadmin list.  I am only aware of one email to
the exec that the correspondent wanted kept private.  That was the
invoice to caliburn.  It is interesting that given the person who sent
it was aware of all options yet he did not send it to exec at humbug, or
secretary at humbug (the options given on the web pages at the time), but
choose instead to send it to the treasurer and cc'ed to the president.
So much for instructions on web pages.

In summary there hasn't been a problem in handling email the way it is
done now.  Yet anyway.  And the principle reason is Humbug doesn't have
much in the way of private correspondence.  This isn't surprising to me.
I have occupied exec roles in a few organisations like Humbug, and
outside or the dealings with paid employees (Humbug doesn't have any),
there was no private correspondence.  You may rightly gather I have
always viewed the issue of "private correspondence" as red herring.  So
far that has held true.

> Back to the issue of the spam, if the spam is not making it to the  
> list then I really don't see the issue. You as list owner will have to  
> put up with exactly the same spam whether the list is open or not. I'm  
> pretty sure mailman is configured to accept all inbound emails except  
> where the list is not listed in the to or cc, or where there are too  
> many addresses listed in the to or cc. These will be the messages  
> you're being spammed with by mailman, which from what I've been able  
> to determine cannot be stopped without modifying mailman. If the  
> messages are being directed to list-owner@ then you've got no chance  
> of blocking them using mailman alone, since you are the owner.

I freely admit to not knowing a lot about mailman.  I have never
admin'ed it before.  Its current behaviour puzzles me, but that hardly
surprising given I don't know as much as I evidently should about it.

I am confident that if it pisses me off enough I will be able to fix it
one way or the other.  If so, I'll let you know how it was done.

> So in summary I think making the lists even more private than they  
> currently are is a bad thing and think that they should remain  
> accessible to people who are not members of the list.

I don't see how making sysadmin private could possibly be worse than not
telling anyone about it at all, as was the case until I publicised its
existence.  I know this was by no means deliberate state of affairs, but
it does serve to illustrate just how much of a waste of time this bike
shed over private lists is.  In any case my idea wasn't to make it
private, but to replace it with a public list.  Turns my idea might have
a short lifetime.  It looks like the plan of sending maintenance
requests to sasig will in will be replaced with trac.  I view this
evolution of ideas as a good thing.