[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #5997 [Tor Sysadmin Team]: ML privacy enhancement: remove incoming mail path before sending mails to mailing list subscribers
#5997: ML privacy enhancement: remove incoming mail path before sending mails to
mailing list subscribers
----------------------------------+-----------------------------------------
Reporter: tagnaq | Owner: cypherpunks
Type: enhancement | Status: assigned
Priority: normal | Milestone:
Component: Tor Sysadmin Team | Version:
Resolution: | Keywords:
Parent: | Points:
Actualpoints: |
----------------------------------+-----------------------------------------
Comment(by mikeperry):
We did not discuss it in person, but I sense the major downside is more
hassle in terms of dealing with abuse due to email spoofing. With full
Received headers, it's relatively easy for the mailinglist to police
itself from spoofing. Right now, Fake Jacob Appelbaum would be easy to
spot, even though the real one doesn't sign e-mail (nor do any more than a
handful of us).
If the amount of noise on IRC is any indication, we experience more
trolling than your average FOSS project.. Making it easier to troll our
email lists might mean more work for the essentially volunteer admin team.
Hoewever, all that said, my vote still would be for cryptographic
authentication on the ML, rather than IP. But I'm also not the one who
would have to deal with the fallout.
Of course, that fallout might happen anyways once the IRC trolls learn how
to send mail... It's not like they'd really care if the Fake Jake was easy
to spot or not...
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5997#comment:19>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs