|
Grex > Coop8 > #111: Mail issues in a Backtalk world | |
|
| Author |
Message |
janc
|
|
Mail issues in a Backtalk world
| 
Sep 13 20:11 UTC 1996 |
I want to raise a possible problem that may arrise if Backtalk becomes a
popular way to access Grex. We may get a population of users who never
actually log into Grex, but only use their Grex accounts to run Backtalk and
participate in the conferences.
This causes several problems, some of which are relatively easy to deal with
(like making sure that we don't nuke Backtalk user's accounts because they
haven't logged in for 30 days). But one possible problem is a bit trickier
from a policy point of view.
Users who don't log in, won't very easily be able to read their mail. Thus
they could very easily get loads of mail accumulating on Grex that they don't
know about or can't access.
Things that might be done include:
[1] Have Backtalk print "You have mail" messages, together with instructions
to telnet in if you want to read them.
This is a problem because some people, like AOL users, can't telnet.
[2] Have Backtalk print "You have mail" but as above, but in addition give
the user the option of creating a .forward file to an email address
elsewhere. It would forward all his/her saved mail and also set up the
.forward file so that all future mail would be forwarded.
This is a problem because some people, like those connecting in from the
AADL, don't necessarily have other Email addresses.
[3] Start a pop server on Grex. Then Netscape could be used to read and send
mail.
Grex would be even more heavily flooded with people who only want to use
it as a mail drop.
[4] Write a cgi-bin program that would let users read and delete their mail
over the web interface but not send any. The could still reply to mail
using the usual mailto:whomever@where.ever URL's that most browsers
support, but their sent mail wouldn't cross Grex's link.
This still would attract lots of users who only want to use Grex to send
and receive mail. It'd be a largish programming job.
I guess I'd kind of favor option [2] (which includes [1]). It actually
encourages people to take their mail elsewhere. I can easily set it up so
that when you use Backtalk to look up a user, it will give the address out
of his .forward file as a clickable "mailto:" URL, tempting people to move
their mail business entirely off of Grex. It would go straight from the
sender's machine to the receivers machine without passing through Grex.
Still, there are some people who have neither a telnet client nor an Email
address.
So does anyone have better ideas? Opinions?
|
| 90 responses total. |
robh
|
|
response 1 of 90:
|
Sep 13 20:34 UTC 1996 |
[2] is the best all-around solution. I assume you'd be asking
for a forwarding address when they ran web-newuser?
I wouldn't worry about AADL users too much, since if they want
to read their mail they do have the option of telnetting here.
(Unlike AOL users.)
|
rcurl
|
|
response 2 of 90:
|
Sep 13 20:54 UTC 1996 |
How about just not having mail a part of a Backtalk login for conferencing?
|
scott
|
|
response 3 of 90:
|
Sep 13 22:09 UTC 1996 |
I like Rane's idea. Accounts that don't get telnetted into (check
.lastlogin?) don't receive mail.
|
janc
|
|
response 4 of 90:
|
Sep 14 00:27 UTC 1996 |
Mail is really a nice complement to conferencing. Often it's good to be able
to send a mail message to a user instead of posting a reply to his item,
taking your comments from a public forum to a private forum. It'd be
sad to deny it to some users.
|
janc
|
|
response 5 of 90:
|
Sep 14 00:27 UTC 1996 |
I also have no clear idea how to make such a plan work technically.
|
rcurl
|
|
response 6 of 90:
|
Sep 14 05:16 UTC 1996 |
You want people to have access to e-mail because it is a convenient
adjunct to conferencing, and you don't want people to have access to
e-mail because they would use Grex just as a mail drop. Sounds schizoid.
Backtalk conferencing on Grex, I thgink, will be novel enough without
an e-mail adjunct. Of course, users could exchange their regular e-mail
addresses, and use them off Backtalk. That's not very difficult as you just
have an e-mail client and the Backtalk client open simultaneously.
|
kerouac
|
|
response 7 of 90:
|
Sep 14 16:08 UTC 1996 |
I think grex should have a pop setup so that thesefolks can read
their e-mail. The problems of people abusing free e-mail
via the web are the same as the current via telnet setup. The
rationale for not having pop is rooted more in paranoia than
in reality. Doubtless people said grex would be flooded if it
went on the 'net with its free e-mail policy. But ways were found
tohandle it, and grex is better off forits having offered free
e-mail. E-mail is a companion to confrencing, and I dontthink its
fair to allowe conferencing via the web without offering email
access as part of the package.
Also, there may security reasons that neccesitate staff contacting
backtalk conferees privately, and they may not have provided
alternate e-mail addresses. Of course grexcould *require* those
who Backtalk to provide email addresses, but it is easier and
more in line with grex philosophy tosimply give them one here.
Install Pop. Its the fair thing to do.
|
kerouac
|
|
response 8 of 90:
|
Sep 14 16:33 UTC 1996 |
To put it another way, the philosophies that Grex is based upon
should be constant no matter which manner it is presented. Grex
on the Web should not come to be seen as different than Grex on the
'net. Make these distinctions and you end up with two different
setups with the same name. People who access Grex via the web page
should be using the same board that those of us accessing it through
telnet do, subject to the same philosophy andbylaws.
Therefore, it free e-mail is not offered to those users who cannot
telnet or dial-in, itshouldnt be offered to anyone free. It is
inconsistent with grex's free-access philosophy to restrict
priviledges based on method of access. Doing so based on whether
you are a member or not is one thing. Doing so on this basis would
be discrimination.
Whether Grex succceeds in the future depends on the consistency of
its philosophies and what it offers as much as anything else. Not
offering free email to web users is just as unfair as if only dial-in
members could get free email and not those who telnet.
|
popcorn
|
|
response 9 of 90:
|
Sep 14 18:45 UTC 1996 |
#7 and #8 are based on a false assumption: Grex *is* flooded with e-mail now,
practically to the breaking point. We have so many users and so much mail
that the mail queue regularly clogs up. I spent probably a good 10 or 12
hours of this past week manually unclogging the mail queue. That's not
unusual, either; it's a typical week.
|
janc
|
|
response 10 of 90:
|
Sep 14 19:49 UTC 1996 |
Basically, for some of these services strongly in demand, we have offered them
in a somewhat unattractive package -- You can browse the net from Grex, but
you have to use lynx; You can have your webpage on Grex, but not with
pictures; You can recieve mail on Grex, but you have to use a tty-based
mail reader. Since all of these are secondary to what we percieve as our
main mission, we don't want to provide people with incentives to seek these
services elsewhere.
Conferencing isn't a secondary mission. We'd really like to have as good
a conference interface (or interfaces) as possible.
Yes, this is a bit schizophrenic. But when you are giving a service away
for free that most of the world is charging for, you can hardly expect to be
in perfect mental health.
|
scg
|
|
response 11 of 90:
|
Sep 15 02:37 UTC 1996 |
I'd really like to be able to offer POP in conjunction with backtalk. I've
even been thinking of entering an item suggesting that we reconsider our
corrent POP policy when we install Backtalk. From the user interface
standpoint it seems like the only thing that makes sense. Still, I haven't
been able to come up with a way of dealing with the load this would cause.
With our current hardware limitations, we're already swamped with far more
mail than we can handle. That really bothers me, so if somebody can come up
with a workable way of implementing it I'd love to hear about it.
|
rcurl
|
|
response 12 of 90:
|
Sep 15 03:06 UTC 1996 |
A limit of one e-mail message per day..... ;->
|
robh
|
|
response 13 of 90:
|
Sep 15 05:03 UTC 1996 |
How about... The Mail conference! Each user would have their very
own conference, and any e-mail that was sent to their account would
pop up as an item in that conference!
What do you mean, "disk space limitations"? >8)
|
ladyevil
|
|
response 14 of 90:
|
Sep 15 07:23 UTC 1996 |
Actually, on a bbs I've been to alot lately, they've set up a conference where
email is done, just the same as any message.. the only difference is, you can
only read messages sent to you or by you. You are aso only notified of new
messages, when they are to you or by you. Would something like this work on
Backtalk?
|
tsty
|
|
response 15 of 90:
|
Sep 15 12:03 UTC 1996 |
we barely support ourselves while dissipating the paucity of resources
farther adn farther afield. it's kinda heroic to see ourselves as atlas
propping up the whole planet single handedly but one day atlas is
gonna shrug.
|
remmers
|
|
response 16 of 90:
|
Sep 15 17:30 UTC 1996 |
Re #14: I suspect that on that bbs, private mail messages and
public bbs messages are stored in identical or nearly-identical
formats. Such an arrangement would be harder on Grex, where mail
messages and conference items are stored in very different
formats. Harder but not impossible -- software would have to
be written, a mail-to-Picospan gateway.
It's almost trivially easy for any user to set something up to
enable them to read their grex mail over the web. (I won't say
how but will leave it as an exercise for the reader.)
Unfortunately it would also allow their grex mail to be read by
the rest of the world as well. But a layer of security could be
provided by a cgi-script...
|
remmers
|
|
response 17 of 90:
|
Sep 15 17:55 UTC 1996 |
...which would then be roughly equivalent to Jan's option [4]
in #0.
Actually, how big a programming job would [4] be? It could be
done mostly as a cgi front-end to mh or even the venerable
'mail' program. Leave all the mail manipulation dirty work to
those programs.
|
rcurl
|
|
response 18 of 90:
|
Sep 15 21:54 UTC 1996 |
Re #16: but the mail file readable over the web could be in a non-public
directory with a non-obvious name, could it not?
|
russ
|
|
response 19 of 90:
|
Sep 15 22:47 UTC 1996 |
(How many times do you have to repeat "Security throgh obscurity is an
oxymoron!" before people get it? <sigh> )
|
janc
|
|
response 20 of 90:
|
Sep 15 22:51 UTC 1996 |
Actually, I don't think John's first would work at all. Your mail file isn't
readable to others, and httpd is other. You might be able to permit it
to be readable, but I don't think it would stay that way, because I suspect
the mail software wouldn't be inclined to leave it that way. Plus you
couldn't delete the you have read.
However, it would be relatively easy to make a web-based mailreader using
mh, as John suggests. You need to build some code that allows the system
to run unix commands as a user authenticated through the web, but this may
need to be done anyway to allow web-users to change their passwords and the
like. Still, it's a doable project.
I'm not convinced this is a great idea though. The great majority of users
accessing Backtalk would have mail accounts on other systems. We don't
want to encourage those users to get their mail on Grex. I'd much rather
have them give some email address off of Grex, and provide that to other
backtalk users as their mail address. Then mail sent from one Backtalk user
to another will stay entirely off of Grex.
|
janc
|
|
response 21 of 90:
|
Sep 15 22:53 UTC 1996 |
Russ slipped in. He's right. Security through obscurity only works in cases
of extreme obscurity (like passwords) and even then isn't great.
|
rcurl
|
|
response 22 of 90:
|
Sep 16 02:23 UTC 1996 |
I think people are over sensitive about secrecy. I'm a private person, but
99% of what I keep private would be of no interest or use to anyone. If
someone did find my mail, they wouldn't get much. The probability of
anyone trying is probably less than someone stealing mail from my post box
out on the street.
|
remmers
|
|
response 23 of 90:
|
Sep 16 11:31 UTC 1996 |
Re #20: Right, a person's mail file in /var/spool/mail is not
readable over the web. You have not yet successfully solved
my exercise. :)
I'm not advocating a web interface to mh for Grex, just
pointing out that option [4] in #0 would not be that huge a job
if you implemented it that way. I tend to agree that a solution
that facilitates mail communication among backtalk users but
keeps the mail traffic off grex as much possible is the way to
go.
|
russ
|
|
response 24 of 90:
|
Sep 16 13:44 UTC 1996 |
Best of all: REQUIRE a valid e-mail address for Backtalk users.
Create a pass-code as part of the account creation process, and
e-mail that pass code to the user-given mail address. Require
the pass-code as well as the user password for the first login.
This guarantees that the user has a valid e-mail address.
|