GNU Mailman

Anonymous archives

Bug #1456122 reported by Pierre Schweitzer on 2015-05-18

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	GNU Mailman	Won't Fix	Wishlist	Unassigned
	hyperkitty	New	Undecided	Unassigned

Bug Description

Hi,

In order to comply with German (and EU to-be) laws, we're looking for an extra feature regarding mailman archives. It would be great that archives (public) could be made anonymous (hidden mail address, for instance). Ideally, when the user logs in to browse archives, then, they wouldn't require to be anonymous.

This is to protect senders regarding privacy leak (and actually regarding spam too).

With my best regards,

Revision history for this message

Mark Sapiro (msapiro) wrote on 2015-05-20:

For Mailman 2.1, you'll have to be satisfied with making the archive private. There are no plans to change this in Mailman 2.1.x. Also, it seems that perhaps more than just hiding the poster's From: address might be required, what about signatures, addresses in message bodies, etc.?

For MM 3, I have added Hyperkitty to the affected projects.

Changed in mailman:
status:	New → Won't Fix
importance:	Undecided → Wishlist

Revision history for this message

Pierre Schweitzer (pierre-jean-schweitzer) wrote on 2015-05-20:

Well, moving the mailing list archives is definitely not a solution for us. These mailing lists are public and their archives are intended to be public, even though a bit anonymous.

You raise a point which is done by other solution: they actually parse the whole message and hide mail addresses when they are found, be it in signature, in body or in headers. This is the kind of solution we'd like to see in mailman and that would fix our solution.

Revision history for this message

Mark Sapiro (msapiro) wrote on 2015-06-03:

Just to add a bit to this, the pipermail archive in MM 2.1 consists of static HTML pages. The current archiver by default 'obscures' email addresses everywhere in the archived message, but only by replacing '@' by ' at '. This is for spam harvesting, not privacy, and is probably not very effective.

More secure obfuscation could be done but is problematic in that all addresses would be obfuscated, even those in the body meant to be public such as "send bug reports to <email address hidden>", and the obfuscation would necessarily be irreversable because of the static nature of the pages, i.e. everyone, authenticated or not, would see the same obfuscated address.

(comment applies to MM 2.1 only)

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.