James M Galvin wrote: > On Fri, 15 Mar 2002, Joe Touch wrote: > > A nontrivial number of users utilize employer-independent email > destinations, such as *@ieee.org, *acm.org, etc. > > I'm not willing to write-off that as ignorance of how email works. > > Sorry, you lost me here. I thought the point was that people do have > those email addresses. All I'm suggesting is that they should originate > their email from those addresses Many current mail ports (SMTP) won't allow users to 'spoof' their source email address. They prohibit mail entering their system UNLESS it is either TO or FROM their known list of users. That's why this all fails. > and believe if they know enough to have > such addresses then they know enough to do that. Knowing enough to do it isn't the same as being able to do it. > These are destination-only addresses, used for forwarding. I tried this > with Mailman (presumably a "modern" application?), to which I had > subscribed touch@ieee.org; it held it for approval. My options as > moderator are: approve, reject, defer, or discard. No option for 'add to > list of approved senders' - that requires more steps, for ME (not under > the control of the sender). There are no options for the user to be able > to add or control aliases. > > Or is Mailman not modern? > > Mailman is modern. Like its counterparts you can have an "authorized to > submit but do not receive" functionality. I believe the issue you're > raising is that mailman, like its counterparts, does not have an > integrated means to manage the exception list. > > That is not to say that you can not "automatically" manage the exception > list. You just have to set it up. LISTSERV (and my service) has a > NOMAIL feature. I believe with all of majordomo, mailman, and Lyris you > can setup a "list" to be your exception list and then you configure the > real list to also look there when checking "permissions". Yes. How do entries get added there? Why don't I have to check that? It's hard enough to get users to manage their own entries; requiring users to subscribe every alias to this 'permission list' is overkill. > > In any case the penalty for getting > > it wrong is delay, not censorship (at least in the case of the IETF > > guidelines). > > Nope - the penalty is WORK for the moderator too. > > Agreed, but the work is once per email address if you add every > exception to the "authorized" list as you discover them. I run what most would consider moderate to small lists of 1500. That is simply too much work. Joe