librelist archives

« back to archive

What do you want in a control panel?

What do you want in a control panel?

From:
Zed A. Shaw
Date:
2011-08-27 @ 23:04
Hi everyone,

I'm going to start working on librelist again, and I'm going to make a
self-management control panel.  Nothing extensive, but I'd like to hear
what you all would like in it if you could have anything.

-- 
Zed A. Shaw
http://zedshaw.com/

Re: What do you want in a control panel?

From:
Sebastian Otaegui
Date:
2011-08-28 @ 01:44
It would be nice if you build some kind of management API and on top of that
the management UI.
From reading you that's something it looks like you'd enjoy doing.
I don't know what you have in mind. But from what I have read in meta, off
the bat you should build something that can manage "blackholing" email
addresses(for spammers), mass deletion of emails in case your filter for
spam does not work as expected and some spammers find a border case in the
filter that can be exploited.
Of course I am taking user administration for granted.
This is from my system admin PoV I do not have a librelist mailing list

My 2 cents

On Aug 27, 2011 6:05 PM, "Zed A. Shaw" <zedshaw@zedshaw.com> wrote:
>
> Hi everyone,
>
> I'm going to start working on librelist again, and I'm going to make a
> self-management control panel.  Nothing extensive, but I'd like to hear
> what you all would like in it if you could have anything.
>
> --
> Zed A. Shaw
> http://zedshaw.com/

Re: What do you want in a control panel?

From:
Zed A. Shaw
Date:
2011-08-28 @ 07:09
On Sat, Aug 27, 2011 at 08:44:02PM -0500, Sebastian Otaegui wrote:
> It would be nice if you build some kind of management API and on top of that
> the management UI.

Two requests for an API so far, so what would you do with an API?

> I don't know what you have in mind. But from what I have read in meta, off
> the bat you should build something that can manage "blackholing" email
> addresses(for spammers), mass deletion of emails in case your filter for
> spam does not work as expected and some spammers find a border case in the
> filter that can be exploited.

That might be possible, although not sure how to elect someone the
"admin" in charge of that, or if it can be democratic.  I do want to
make it so the lists can be very self-managing but not give any single
person too much control.  Maybe a little election mechanism?

> Of course I am taking user administration for granted.
> This is from my system admin PoV I do not have a librelist mailing list

Alright, thanks.  If you think of more let me know.

-- 
Zed A. Shaw
http://zedshaw.com/

Re: What do you want in a control panel?

From:
Eimantas Vaičiūnas
Date:
2011-08-28 @ 10:41
On 2011.08.28, at 10:09, Zed A. Shaw wrote:

> On Sat, Aug 27, 2011 at 08:44:02PM -0500, Sebastian Otaegui wrote:
>> It would be nice if you build some kind of management API and on top of that
>> the management UI.
> 
> Two requests for an API so far, so what would you do with an API?

Simple REST API would allow anyone make their own frontend (web, terminal 
(wget/curl/fetch or OS native). So something like CRUD for lists and their
members. I also like Eric's idea about the email-based administration 
interface, but not sure about the usability of this thing. I imagine it 
being more of a read-only thing than full read-write.

> 
>> I don't know what you have in mind. But from what I have read in meta, off
>> the bat you should build something that can manage "blackholing" email
>> addresses(for spammers), mass deletion of emails in case your filter for
>> spam does not work as expected and some spammers find a border case in the
>> filter that can be exploited.
> 
> That might be possible, although not sure how to elect someone the
> "admin" in charge of that, or if it can be democratic.  I do want to
> make it so the lists can be very self-managing but not give any single
> person too much control.  Maybe a little election mechanism?

You could think of something like StackExchange network's 
reputation-points-based privilege system. Although I believe this would 
take more time for implementation.

// Eimantas

Re: What do you want in a control panel?

From:
Zed A. Shaw
Date:
2011-08-28 @ 18:20
On Sun, Aug 28, 2011 at 01:41:05PM +0300, Eimantas Vaičiūnas wrote:
> > That might be possible, although not sure how to elect someone the
> > "admin" in charge of that, or if it can be democratic.  I do want to
> > make it so the lists can be very self-managing but not give any single
> > person too much control.  Maybe a little election mechanism?
> 
> You could think of something like StackExchange network's 
reputation-points-based privilege system. Although I believe this would 
take more time for implementation.

Yep, it probably would, but I'll put it on the list.  Maybe a way to
track people's "trustworthiness" on mailing lists.

-- 
Zed A. Shaw
http://zedshaw.com/

Re: What do you want in a control panel?

From:
Eric Wong
Date:
2011-08-28 @ 08:36
"Zed A. Shaw" <zedshaw@zedshaw.com> wrote:
> On Sat, Aug 27, 2011 at 08:44:02PM -0500, Sebastian Otaegui wrote:
> > I don't know what you have in mind. But from what I have read in meta, off
> > the bat you should build something that can manage "blackholing" email
> > addresses(for spammers), mass deletion of emails in case your filter for
> > spam does not work as expected and some spammers find a border case in the
> > filter that can be exploited.
> 
> That might be possible, although not sure how to elect someone the
> "admin" in charge of that, or if it can be democratic.  I do want to
> make it so the lists can be very self-managing but not give any single
> person too much control.  Maybe a little election mechanism?

Maybe the person who started the list can be the admin?  That could lead
to more squatting of list names (has it been a problem, yet?), though.

A democracy would be subject to political manipulation/mob effects
and difficult to implement correctly to prevent abuse (/defining/
abuse can be hard, even).

From what I can tell, the current system works well enough.


I've dreamed a mailing list system could evolve into something
completely distributed and decentralized (a better Usenet).
But right now I'm just happy I can interact with people on mailing
lists _without_:

1) dealing with <form> elements in browsers/GUIs
2) having yet another login+password
3) advertisers profiling/targeting me

-- 
Eric Wong

Re: What do you want in a control panel?

From:
Zed A. Shaw
Date:
2011-08-28 @ 18:19
On Sun, Aug 28, 2011 at 08:36:42AM +0000, Eric Wong wrote:
> > That might be possible, although not sure how to elect someone the
> > "admin" in charge of that, or if it can be democratic.  I do want to
> > make it so the lists can be very self-managing but not give any single
> > person too much control.  Maybe a little election mechanism?
> 
> Maybe the person who started the list can be the admin?  That could lead
> to more squatting of list names (has it been a problem, yet?), though.

Tyranny of the minority.

> A democracy would be subject to political manipulation/mob effects
> and difficult to implement correctly to prevent abuse (/defining/
> abuse can be hard, even).

Tyranny of the majority.  You need a mix of both to balance it out, but
given a choice I side with the majority rather than the minority.

> I've dreamed a mailing list system could evolve into something
> completely distributed and decentralized (a better Usenet).
> But right now I'm just happy I can interact with people on mailing
> lists _without_:
> 
> 1) dealing with <form> elements in browsers/GUIs
> 2) having yet another login+password
> 3) advertisers profiling/targeting me

Yes, that's also why I started librelist.  Google and yahoo groups are
just creepy.

-- 
Zed A. Shaw
http://zedshaw.com/

Re: What do you want in a control panel?

From:
Sebastian Otaegui
Date:
2011-08-28 @ 15:50
On Sun, Aug 28, 2011 at 2:09 AM, Zed A. Shaw <zedshaw@zedshaw.com> wrote:

> On Sat, Aug 27, 2011 at 08:44:02PM -0500, Sebastian Otaegui wrote:
> > It would be nice if you build some kind of management API and on top of
> that
> > the management UI.
>
> Two requests for an API so far, so what would you do with an API?
>
> > I don't know what you have in mind. But from what I have read in meta,
> off
> > the bat you should build something that can manage "blackholing" email
> > addresses(for spammers), mass deletion of emails in case your filter for
> > spam does not work as expected and some spammers find a border case in
> the
> > filter that can be exploited.
>
> That might be possible, although not sure how to elect someone the
> "admin" in charge of that, or if it can be democratic.  I do want to
> make it so the lists can be very self-managing but not give any single
> person too much control.  Maybe a little election mechanism?
>
>
Just thinking crazy here:

How bout you hooked librelist with zeromq with a hub that runs a modified
version of the UTU protocol the fits the email model?

You would have to have UTU enabled lists and completely unmoderated lists
because some people may not want to administer.



-- 
Those who do not understand Unix are condemned to reinvent it, poorly.
Any sufficiently recent Microsoft OS contains an ad hoc,
informally-specified, bug-ridden, slow implementation of half of Unix.

Re: What do you want in a control panel?

From:
Zed A. Shaw
Date:
2011-08-28 @ 18:21
On Sun, Aug 28, 2011 at 10:50:56AM -0500, Sebastian Otaegui wrote:
> Just thinking crazy here:
> 
> How bout you hooked librelist with zeromq with a hub that runs a modified
> version of the UTU protocol the fits the email model?
> 
> You would have to have UTU enabled lists and completely unmoderated lists
> because some people may not want to administer.

Cool idea, but it'd take too long.  Still I wonder if there's a way to
calculate a "trustworthiness" metric based on someone's behavior on
lists?  That might be easier.

-- 
Zed A. Shaw
http://zedshaw.com/

Re: What do you want in a control panel?

From:
Eric Wong
Date:
2011-08-27 @ 23:30
"Zed A. Shaw" <zedshaw@zedshaw.com> wrote:
> I'm going to start working on librelist again, and I'm going to make a
> self-management control panel.  Nothing extensive, but I'd like to hear
> what you all would like in it if you could have anything.

Who gets control? :)

I would like an email-based interface, but the ability to use any
command-line client (probably curl + REST API) would do...

One feature I'd like is the ability to reject or strip certain
content types (HTML and PGP/GPG signatures, mainly).

-- 
Eric Wong

Re: What do you want in a control panel?

From:
Zed A. Shaw
Date:
2011-08-28 @ 07:05
On Sat, Aug 27, 2011 at 11:30:44PM +0000, Eric Wong wrote:
> "Zed A. Shaw" <zedshaw@zedshaw.com> wrote:
> > I'm going to start working on librelist again, and I'm going to make a
> > self-management control panel.  Nothing extensive, but I'd like to hear
> > what you all would like in it if you could have anything.
> 
> Who gets control? :)

Well this would be for your account.  So things like,
subscribe/unsubscribe, pausing, unblocking yourself, reporting spam,
etc.

> I would like an email-based interface, but the ability to use any
> command-line client (probably curl + REST API) would do...

I'm going to just do a web interface for these features since it's
easier.  I might do an API, but not an initial goal.

What would you do with the API?

> One feature I'd like is the ability to reject or strip certain
> content types (HTML and PGP/GPG signatures, mainly).

Hmm, I could probably just start doing that anyway.  Let me think about
that.

-- 
Zed A. Shaw
http://zedshaw.com/

Re: What do you want in a control panel?

From:
Eric Wong
Date:
2011-08-28 @ 08:04
"Zed A. Shaw" <zedshaw@zedshaw.com> wrote:
> On Sat, Aug 27, 2011 at 11:30:44PM +0000, Eric Wong wrote:
> > "Zed A. Shaw" <zedshaw@zedshaw.com> wrote:
> > > I'm going to start working on librelist again, and I'm going to make a
> > > self-management control panel.  Nothing extensive, but I'd like to hear
> > > what you all would like in it if you could have anything.
> > 
> > Who gets control? :)
> 
> Well this would be for your account.  So things like,
> subscribe/unsubscribe, pausing, unblocking yourself, reporting spam,
> etc.

Ah, ok, I somehow thought it would be for lists themselves.

Sometimes it would be useful to quickly look up which lists I'm
subscribed to and if I somehow got blocked from any one of them
(maybe because my mail server got knocked offline for an extended
period).

I'm on a lot of quiet lists :x

> > I would like an email-based interface, but the ability to use any
> > command-line client (probably curl + REST API) would do...
> 
> I'm going to just do a web interface for these features since it's
> easier.  I might do an API, but not an initial goal.
> 
> What would you do with the API?

Probably everything above.  I don't like dealing with HTML <form>
elements in browsers (I dislike GUIs in general).

With an email-based interface, I wouldn't have to maintain a password,
either.  Destructive operations would require an extra confirmation
step, though.

> > One feature I'd like is the ability to reject or strip certain
> > content types (HTML and PGP/GPG signatures, mainly).
> 
> Hmm, I could probably just start doing that anyway.  Let me think about
> that.

I think HTML mail is universally reviled on technical lists.

I know some folks PGP/GPG sign their emails because they feel strongly
about their identity and/or worry about having their identity spoofed.
I don't care much for identities and see noise/bandwidth waste.

-- 
Eric Wong

Re: What do you want in a control panel?

From:
Platonides
Date:
2011-08-28 @ 17:00
Zed A. Shaw wrote:
>> One feature I'd like is the ability to reject or strip certain
>> content types (HTML and PGP/GPG signatures, mainly).
>
> Hmm, I could probably just start doing that anyway.  Let me think about
> that.

A cute feature would be to require the emails to come signed with a 
given S/MIME|PGP|GPG key, protected addresses without that would be 
rejected by the email server.
That would give a stronger defense against email spoofing, as it would 
also be checked before relaying to all the list members (there could be 
also some other anti-spoof protection methods, such as requiring the to 
come from a specific mail server, but the really cool one would be the 
email signatures).

Re: What do you want in a control panel?

From:
Zed A. Shaw
Date:
2011-08-28 @ 18:16
On Sun, Aug 28, 2011 at 07:00:41PM +0200, Platonides wrote:
> Zed A. Shaw wrote:
> >> One feature I'd like is the ability to reject or strip certain
> >> content types (HTML and PGP/GPG signatures, mainly).
> >
> > Hmm, I could probably just start doing that anyway.  Let me think about
> > that.
> 
> A cute feature would be to require the emails to come signed with a 
> given S/MIME|PGP|GPG key, protected addresses without that would be 
> rejected by the email server.

I thought of secure lists, but, TBH a very tiny percentage of people use
PGP/GPG at all.  Can you think of any particular large group of folks
who would use this?

> That would give a stronger defense against email spoofing, as it would 
> also be checked before relaying to all the list members (there could be 
> also some other anti-spoof protection methods, such as requiring the to 
> come from a specific mail server, but the really cool one would be the 
> email signatures).

I also think the difficulty of getting PGP up and sharing your key would
make it so nobody would use it.  Has this process improved much
recently?

-- 
Zed A. Shaw
http://zedshaw.com/

Re: What do you want in a control panel?

From:
Platonides
Date:
2011-08-29 @ 14:49
Zed A. Shaw wrote:
>> A cute feature would be to require the emails to come signed with a
>> given S/MIME|PGP|GPG key, protected addresses without that would be
>> rejected by the email server.
>
> I thought of secure lists, but, TBH a very tiny percentage of people use
> PGP/GPG at all.  Can you think of any particular large group of folks
> who would use this?

? The beauty of the scheme is that each individual could enable it. I'm 
not talking about a list where only PGP-signed messages would be allowed.


>> That would give a stronger defense against email spoofing, as it would
>> also be checked before relaying to all the list members (there could be
>> also some other anti-spoof protection methods, such as requiring the to
>> come from a specific mail server, but the really cool one would be the
>> email signatures).
>
> I also think the difficulty of getting PGP up and sharing your key would
> make it so nobody would use it.  Has this process improved much
> recently?

The user would provide the public key (or just the fingerprint, if it's 
on a public server) through that control panel.

Re: What do you want in a control panel?

From:
Zed A. Shaw
Date:
2011-08-29 @ 18:46
On Mon, Aug 29, 2011 at 04:49:36PM +0200, Platonides wrote:
> Zed A. Shaw wrote:
> > I also think the difficulty of getting PGP up and sharing your key would
> > make it so nobody would use it.  Has this process improved much
> > recently?
> 
> The user would provide the public key (or just the fingerprint, if it's 
> on a public server) through that control panel.

Well, experience has shown us that if a user has to setup their own
server they'll either just not use the tool, or set the server up wrong
and screw everyone over.

I'll look at the PGP features, but it's on the long end of my list.

-- 
Zed A. Shaw
http://zedshaw.com/

Re: What do you want in a control panel?

From:
Platonides
Date:
2011-08-29 @ 21:38
Zed A. Shaw wrote:
> On Mon, Aug 29, 2011 at 04:49:36PM +0200, Platonides wrote:
>> Zed A. Shaw wrote:
>>> I also think the difficulty of getting PGP up and sharing your key would
>>> make it so nobody would use it.  Has this process improved much
>>> recently?
>>
>> The user would provide the public key (or just the fingerprint, if it's
>> on a public server) through that control panel.
>
> Well, experience has shown us that if a user has to setup their own
> server they'll either just not use the tool, or set the server up wrong
> and screw everyone over.
>
> I'll look at the PGP features, but it's on the long end of my list.

I meant a keyserver, not that everyone would install a local server.

Re: What do you want in a control panel?

From:
Eric Wong
Date:
2011-08-29 @ 17:48
Platonides <platonides@gmail.com> wrote:
> Zed A. Shaw wrote:
> > Platonides <platonides@gmail.com> wrote:
> >> A cute feature would be to require the emails to come signed with a
> >> given S/MIME|PGP|GPG key, protected addresses without that would be
> >> rejected by the email server.
> >
> > I thought of secure lists, but, TBH a very tiny percentage of people use
> > PGP/GPG at all.  Can you think of any particular large group of folks
> > who would use this?
> 
> ? The beauty of the scheme is that each individual could enable it. I'm 
> not talking about a list where only PGP-signed messages would be allowed.

It would be a huge waste of bandwidth if used and probably increase CPU
usage on the librelist server, too.  Outgoing bandwidth is especially
limited for some folks and disk space is not cheap given extra seek
times involved.

It would also break things like "git send-email" and make applying
patches sent with a modified "git send-email" more difficult since one
needs to split out the patch from the message before applying[1].

I don't care /who/ sends the patches, I care about what's in the
patches.


[1] - user agents like mutt let users pipe messages directly to other
      programs like "git am" (or "patch" for non-git users) so patches
      can be applied directly from the MUA without switching to a shell.

-- 
Eric Wong

Re: What do you want in a control panel?

From:
Platonides
Date:
2011-08-29 @ 21:35
Eric Wong wrote:
> Platonides<platonides@gmail.com>  wrote:
>> Zed A. Shaw wrote:
>>> I thought of secure lists, but, TBH a very tiny percentage of people use
>>> PGP/GPG at all.  Can you think of any particular large group of folks
>>> who would use this?
>>
>> ? The beauty of the scheme is that each individual could enable it. I'm
>> not talking about a list where only PGP-signed messages would be allowed.
>
> It would be a huge waste of bandwidth if used and probably increase CPU
> usage on the librelist server, too.  Outgoing bandwidth is especially
> limited for some folks and disk space is not cheap given extra seek
> times involved.

It would surely increase CPU usage, given that it would need to verify 
some signatures, but I don't follow why the outgoing bandwidth would be 
greater. I wonder if we're talking about the same feature.


> It would also break things like "git send-email" and make applying
> patches sent with a modified "git send-email" more difficult since one
> needs to split out the patch from the message before applying[1].
>
> [1] - user agents like mutt let users pipe messages directly to other
>        programs like "git am" (or "patch" for non-git users) so patches
>        can be applied directly from the MUA without switching to a shell.

Many user agents support PGP messages, if that concrete MUA doesn't know 
how to properly extract the attachment, it's not relevant to the list. 
And the sender could still choose not to sign the messages.

 > I don't care /who/ sends the patches, I care about what's in the
 > patches.

Is it really worth explaining why it is good think to ensure that the 
one that sends a message is the one you think it is? (even though it's 
just an anonymous entity behind an email address).

Re: What do you want in a control panel?

From:
Eric Wong
Date:
2011-08-29 @ 22:08
Platonides <platonides@gmail.com> wrote:
> Eric Wong wrote:
> > Platonides<platonides@gmail.com>  wrote:
> >> Zed A. Shaw wrote:
> >>> I thought of secure lists, but, TBH a very tiny percentage of people use
> >>> PGP/GPG at all.  Can you think of any particular large group of folks
> >>> who would use this?
> >>
> >> ? The beauty of the scheme is that each individual could enable it. I'm
> >> not talking about a list where only PGP-signed messages would be allowed.
> >
> > It would be a huge waste of bandwidth if used and probably increase CPU
> > usage on the librelist server, too.  Outgoing bandwidth is especially
> > limited for some folks and disk space is not cheap given extra seek
> > times involved.
> 
> It would surely increase CPU usage, given that it would need to verify 
> some signatures, but I don't follow why the outgoing bandwidth would be 
> greater. I wonder if we're talking about the same feature.

The sender needs to attach the signature to the outgoing message.
Sure it's optional, but its encouraging wasteful behavior.

>  > I don't care /who/ sends the patches, I care about what's in the
>  > patches.
> 
> Is it really worth explaining why it is good think to ensure that the 
> one that sends a message is the one you think it is? (even though it's 
> just an anonymous entity behind an email address).

Extra work/bandwidth/space for something that is _not a problem_ in
public mailing lists.

-- 
Eric Wong

Re: What do you want in a control panel?

From:
Platonides
Date:
2011-08-30 @ 21:43
Eric Wong wrote:
> Platonides<platonides@gmail.com>  wrote:
>> It would surely increase CPU usage, given that it would need to verify
>> some signatures, but I don't follow why the outgoing bandwidth would be
>> greater. I wonder if we're talking about the same feature.
>
> The sender needs to attach the signature to the outgoing message.
> Sure it's optional, but its encouraging wasteful behavior.

Well, obviously. Each feature needs a bit more of space. I don't 
consider PGP signatures a problem. They provide a feature.
I have seen much worse offenses with user signatures, lots of redundant 
html...


>>   >  I don't care /who/ sends the patches, I care about what's in the
>>   >  patches.
>>
>> Is it really worth explaining why it is good think to ensure that the
>> one that sends a message is the one you think it is? (even though it's
>> just an anonymous entity behind an email address).
>
> Extra work/bandwidth/space for something that is _not a problem_ in
> public mailing lists.

I don't know why it's not a problem yet, but the day spammers begin to 
use that spoofing, mailing lists will explode.
I have seen some people going to signature emails after being spoofed 
once (although I don't think that serves for much, if people don't check 
signatures). And for "private", announce-only lists, the havoc that a 
well-crafted spoofed email could produce, it's enormous.

Re: What do you want in a control panel?

From:
Eric Wong
Date:
2011-08-30 @ 22:11
Platonides <platonides@gmail.com> wrote:
> Eric Wong wrote:
> > Extra work/bandwidth/space for something that is _not a problem_ in
> > public mailing lists.
> 
> I don't know why it's not a problem yet, but the day spammers begin to 
> use that spoofing, mailing lists will explode.
> I have seen some people going to signature emails after being spoofed 
> once (although I don't think that serves for much, if people don't check 
> signatures). And for "private", announce-only lists, the havoc that a 
> well-crafted spoofed email could produce, it's enormous.

You're right, nobody bothers to check signatures :)

Mailing lists are mainly populated by nerds and already declining from
what I can tell.  Much to my chagrin, more and more activity is moving
to web forums and social networks.  Spammers have bigger and easier
targets to go after.

If it became a problem, on some (most?) mailing lists, Received: headers
should provide adequate tracing/verification.

I noticed librelist drops the original Received: headers when it relays,
maybe as a privacy concern (Zed can answer this) since it can expose the
clients IP address[1].  I've found them useful for diagnosing delivery
problems/delays; but it could be used to verify senders in a
reliable-enough-fashion.


AFAIK, big email hosts like Gmail won't allow you to spoof another Gmail
user; and folks who run private servers tend to always send from that (I
do).  Received: headers are there anyways and less-intrusive than
signatures.  They also requires no more/less technical competence/time
to verify.



[1] - I create an ssh tunnel to my mail server to avoid this.

-- 
Eric Wong