[lm-sensors] Please clean up procedures here (also against climate

From: "Boyd Noorda" <boyd2006@sociamedia.nl>
To: lm-sensors@vger.kernel.org
Subject: [lm-sensors] Please clean up procedures here (also against climate
Date: Wed, 15 Aug 2007 16:58:06 +0000	[thread overview]
Message-ID: <46C34CBE.20612.105BF55@localhost> (raw)

Dear Jean,

> > I'm quite surprised to find that the tickets are online on the web
> > site, including E-mail addresses ... This always leads to more spam,
> > often within a day. Could you please refrain from publishing E-mail
> > addresses or construct an archive bots can't access?
> 
> This is how open software development works.

?? I don't think it's normal netiquette to publish someone's E-mail 
address on a web site, without the person in question knowing, in any 
circles. OK, it happens, but by people not knowing about these things. 
I don't expect that here ...

> You posted on our public website (and right now, to our publicly
> archived mailing list), you published your e-mail address to the public
> on your own. If you didn't want it to be known to the public, then you
> should have refrained from adding it to the support ticket when you
> created it, sorry. 

There is something very wrong with procedures here, I'll explain:

- I had a simple user question and followed the 'Contact and Support'
  link.
- At this page (now called 'Feedback and Support') I simply followed
  directions under 'Support Ticket'.
  There it says: "Note: In order to get rid of spammers, we had to
  block anonymous creation and edition of support tickets. We created a
  fake account you have to use instead. First log in with name "ticket"
  and password "need help" (in one word), then you can create a new
  ticket and later edit it. Put to CC: your mail please!"
- So nothing there which warns me I'll be publishing my E-mail address,
  quite the contrary: you seem aware of the risk of spammers. The
  urgent request: "Put to CC: your mail please!" (in bold) is not
  explained(!), but seems logical: I'll get a copy myself and you know
  to which address to answer.
- I got an answer by E-mail (thanks :) which even contains the line
  "* cc: boyd2006@sociamedia.nl (removed)"
- At this point my message is already up on a wiki page, with my
  address!
- By replying to your answer, I automatically post to your mailing list
  and to a public archive, again publishing my E-mail address.
  And again there is no way to know that. There simply is a 'reply to:'
  address (lm-sensors@lm-sensors.org) in the header.
- Only when I would be very suspicious (why? no reason up to now) I
  would examine the address lm-sensors@lm-sensors.org via a web search,
  to find out it's a mailing list address. And I 'could have read' a
  blurb on mailing lists on the 'Feedback and Support' page and maybe
  could have noticed from memory (...) this could be the address I'm
  automatically replying to. Quite a long shot, isn't it?
  And I did not read that, I did not want to subscribe, I just had a
  question, so moved on to the 'Support Ticket' blurb on the page.

Besides this, I'm also very surprised to find you publish all addresses 
of posters in the public mailing list archive too. Subscribers don't 
need these addresses, they already see them in the mail.
And what's more: the version of Mailman you're using, makes it very 
simple to remove (machine) readable addresses from the web archive 
(feature added by 'public demand') ...

Now I'm quite prepared for these things happening as you can see from 
my disposable address. (Most people are not, just having one address 
with their provider). Still I'd like to restrict the harvesting of my 
addresses to not preventable cases, like infected PC's :)

I also hope to convince you to take action for other reasons:
Fighting spam with 'software filtering' (I guess you do that 
extensively, since mailing lists are even open to non subscribers) is 
very 'old school' these days. As you will know there are days when over 
90% of E-mail traffic are spam and viruses. This means the 
infrastructure and servers need 10 times the capacity they would need 
to just handle normal E-mail, and you need overhead to run heavy 
filtering software.
Any idea what this means for energy use and climate change? In the US 
already 1.2% of all electricity is used by internet servers (and their 
cooling) only!

So fighting spam and viruses should be done by prevention as much as 
possible (like using images of E-mail addresses with mailto scripts and 
refusing most spam and virusses 'at the front door'). It works and 
saves money too. Many years back our P166 server (30-41 watt) with 
loads of web sites, mailing lists and E-mail addresses was already 
choking during spam waves. Since we implemented preventive actions, 
it's running over 95% idle again most of the time. No need to upgrade, 
w're even 'downgrading' to a more energy efficient server :)  

All the best,
Boyd Noorda

_______________________________________________
lm-sensors mailing list
lm-sensors@lm-sensors.org
http://lists.lm-sensors.org/mailman/listinfo/lm-sensors