|
Grex > Coop13 > #376: The problems with Grex, e-mail and spam | |
|
| Author |
Message |
| 25 new of 480 responses total. |
cross
|
|
response 320 of 480:
| 
Dec 15 02:39 UTC 2006 |
I'm not sure that grex staff has what can be said to be clearly defined
processes. Rather, there's a set of general guidelines for doing things:
try to get a concensus, work on what you're interested in, unless it steps
on someone else's toes. Some things are always okay for all staff members.
For instance, cleaning up stale accounts, deleting hacker tools or copies of
BNC or eggdrop or other large files. Some are okay for certain staff
members at all times. For instance, Marcus can more or less make whatever
changes to the authentication system or password database he wants. Steve
can more or less do whatever he wants (for instance, repartition the disks
during an upgrade without, I don't think, consulting anyone beforehand or
really making a plan to make sure we don't lose data). Some are okay for
some staff members some of the time. Remmers can make certain changes to
system configuration files in an emergency; usually he will go out of his
way to let people know that he's done and and solicit feedback, etc.
Let me reiterate because I think this is important: if you're one of the
what one might call ``principle'' staff members, you can more or less do
what you want and if someone objects you can later lay down an argument, but
do so knowing that, basically, there won't be any real consequences (for
example, under what circumstances would Steve ever get *his* root access
pulled? Now before someone jumps down my throat, I'm not saying that anyone
*should* pull Steve's access, but has anyone ever given any serious
consideration to what it would take for that to happen? Now what would it
take for someone to pull someone else's? We recently saw Mic's get yanked,
for instance. What would have happened if the roles had been reversed?).
It was also my sense that the idea of putting some processes in place just
wasn't going to fly. The usual argument against would be something along
the lines of, ``staff is busy; they have lives; they aren't paid; you can't
ask them to do something they don't want to do; be grateful they do anything
at all; why do you want to create more work?''
It's interesting to see some people other than myself say things that
basically echo my own sentiment of how staff operates: if you want to make a
controversial decision, odds are good you'll be told that it needs
discussion first, and then discussion will continue until you lose energy to
pursue it and just let it go. I feel like the password hash thing is a lot
like that: there's no good reason for sticking with what we have now, but
instead of changing, we're told we need to ``discuss'' it first and then no
one says anything until whoever proposed it (in this particular case, me)
gives up. If it's raised at some point in the future, the person raising it
(again, in this case, me) is told that it's been discussed, no one wanted to
do it, stop wasting everyone's time with endless debate, it creates friction
on the staff team to keep raising the same issues, etc. Eventually the
cycle repeats.
Here's another way to look at that particular issue: some people are
motivated to work on staff because sometimes they get to work on things that
interest them. That was my initial draw to grex: the technology that
allowed an open-access Unix system to actually work without imploding on
itself. When I first got on grex staff, I was sort of dismayed at what a
patchwork the software on the old Sun really was: in particular, the
password subsystem was *really* hacked together, very brittle, and very,
very easy to break (for example, making a textual edit to the password file
would *really* mess things up. Instead, Marcus or someone had written an
*interactive* tool for manipulating the user database. If you forgot and
ran ``vipw'' you would really, really screw things up). It was interesting
to me, with the move to the OpenBSD machine, to work on that problem, and it
eventually became clear that the BSD people had sufficiently evolved the
password subsystem in the standard distribution so that grex didn't need
customizations. To me, it was an interesting problem to figure out how to
get from our custom solution to the standard solution (which was necessary
on the Sun given the primitive nature of that system's password subsystem).
However, I found great resistance to doing that, because a lot of it was
Marcus's baby, and no one wanted to make him mad, even though he hadn't
really been active on grex in some time. Okay, fine, but *I* as a newish
staff member was still prevented from working on a problem that interested
me. Well, if that happens enough times, why would I *want* to continue to
do anything but the grudge work that no one seemed to mind anyone doing?
If every time you raise interest in working on some problem you're told no
because someone else ``owns'' it, even though they're not doing anything
with it, how long until you lose interest? Is that being thin-skinned? I
don't really think so, but I'm no psychology expert, so take what I say with
a grain of salt. I do think it's fair to say that it's not being inclusive
of the interests of ``new'' staff members. It is, in my opinion,
essentially saying that the interests of long-time grex staff members, even
if they're inactive, outweigh the interests of newer members, particularly
those that aren't local to Ann Arbor.
|
cross
|
|
response 321 of 480:
|
Dec 15 02:44 UTC 2006 |
Regarding #318; It's also possible that I was, but that the scheduling
notices got buried in the massive amount of spam that comes with the grex
staff email aliases. What discussions I *do* remember about the staff
meetings were usually along the lines of, ``can everyone meet at Steve's
place tonight at 7?'' ``Yeah, sure, I'll bring a pizza....'' Nothing about
how non-locals could dial into the meetings, no agendas, or anything. If
you don't read that email until 8pm, you're sort of screwed. There were
several times I recall seeing a post in the staff conference of the form,
``at last night's staff meeting...'' where there wasn't a lot, if any,
notice that there *would* be a staff meeting that night. I certainly never
participated in one, even though I would have liked to.
|
mcnally
|
|
response 322 of 480:
|
Dec 15 03:09 UTC 2006 |
re #318, 321: I was on staff for at least a year and I frankly
don't recall ever hearing about any staff meetings either. I
definitely never participated in one. I thought they were something
Mary imagined until comments from other respondents confirmed that
they believed in them, too.
Like Dan, it's also possible that I, too, might have missed e-mail
notifications due to filtering the ludicrous amounts of mail that
I got deluged with after being added to the staff mailing lists
(I haven't mentioned this before but I almost resigned from staff
less than a week after volunteering to help because the crap from
the mailing lists so disrupted my personal mail account.) Instead
I diverted that mail to gmail and archived it. A search through
the archived staff mail shows only one conversation where the
phrase "staff meeting" was used in mail that I received and on
that occasion (in 11/2005) no staff meeting was called (that I
was informed of..) My contributions as a staff member were
extremely paltry, but if there was a loop I was so far out of the
loop that I apparently wasn't even aware of its existence.
|
cross
|
|
response 323 of 480:
|
Dec 15 03:22 UTC 2006 |
Regarding #322; Hey! You're still staff! At least, you're still in the wheel
group and thus have root access.
|
gelinas
|
|
response 324 of 480:
|
Dec 15 03:27 UTC 2006 |
To the best of my knowledge, the staff has not met since you were added to
it, Mike.
|
rcurl
|
|
response 325 of 480:
|
Dec 15 03:35 UTC 2006 |
Is it possible that the technology has moved so far beyond Grex, and most of
the staff has moved with it, so it just isn't *interesting* to most of them?
|
keesan
|
|
response 326 of 480:
|
Dec 15 04:36 UTC 2006 |
Is anyone currently working on restoring newuser?
keesan's proposed spam filter is simply using spamassassin to filter on
anything with three spam points, plus a sample of how to put your friends on
a whitelist, which is much shorter than what keesan is using to filter her
own spam (which got all but one spam today) which probably uses less cpu time
because most spam is WIndows charset or the 60 stock spams a day and I put
those filters first.
|
cross
|
|
response 327 of 480:
|
Dec 15 04:45 UTC 2006 |
Regarding #325; I don't know about that; a lot of the stuff that grex uses
now is fairly modern (relatively speak, of course). Moving off of SunOS on
the Sun 4 was a huge leap forward in technology, literally catching us up by
about 15 years. In many respects, it's now on par with other systems.
Judicious use of the money that grex has in the bank could further improve
the technology new-ness situation.
Actually, in some respects, I feel like staff is holding grex back
technologically: a lot of things are being done like it's still 1991,
sometimes paradoxically. For instance, we're told at once grex hits its
hardware really hard, but at the same time told that we can't justify
something like hardware RAID. Some of the things that have become almost
automatic responses as far as system administration goes are sort of shoved
out the window. E.g., someone says, ``highly available storage'' you just
sort reflexively respond, ``hot-swappable hardware RAID.'' ``Reliable
memory,'' ``ECC.'' ``Chasis profile for colocation,'' ``rackmountable
case.'' ``Reliable backups,'' ``tape stacker unit.'' Certainly, some of
these things *do* make grex less interesting to those who might otherwise
be able to contribe really positively.
|
cross
|
|
response 328 of 480:
|
Dec 15 04:47 UTC 2006 |
Regarding #326; I really doubt it.
|
gull
|
|
response 329 of 480:
|
Dec 15 05:58 UTC 2006 |
Re resp:326: Ah, okay. I had thought you were still doing simple
keyword matching.
Re resp:327: Having worked with a tape changer, I'm not sure I'd have
called it "highly reliable." In four years the Overland 10-slot unit
where I used to work was out for repairs at least three times. Oddly,
the problem was usually not the robotics, but the Benchmark DLT1 drive
they fed.
|
naftee
|
|
response 330 of 480:
|
Dec 15 06:27 UTC 2006 |
i don't know why anyone responds to keesan. she's obviously in her own world
|
fudge
|
|
response 331 of 480:
|
Dec 15 09:57 UTC 2006 |
re 327: modern relative to what?
and all the goodies you mentioned are very nice if one can
afford them... grex doesn't even have a decent amount of RAM,
a tape backup robot is probably way down on the wishlist...
and re:passwd: I'm still pulling my jaw up from the desk
where it slammed as I read about it... doesn't *BSD support
anything like pam? was this thing ported over from the
previous incarnations?
|
cmcgee
|
|
response 332 of 480:
|
Dec 15 13:13 UTC 2006 |
Let me be sure I have accurate data: There has been no face-to-face staff
meeting since sometime before November 2005?
The way staff communicate about a problem is to 1) discuss it in staff
conference, 2) email each other using staff at Grex as the email address,
Do staff members ever telephone each other? Do staff members have alternative
email addresses that are known to other staff members?
I'm curious about how staff decides who will handle an emergency, what
problems are important to be working on, and whether or not any two staff
members ever work together on a problem.
I'm also curious who has staff privileges on Grex.
So far I can see remmers, gelinas, STeve, marcus. Former staff members
include mcnally, cross, spooked.
|
maus
|
|
response 333 of 480:
|
Dec 15 14:20 UTC 2006 |
FreeBSD uses PAM, OpenBSD and NetBSD use login.conf. My understanding is
that login.conf is simpler to audit, simpler to secure and more
portable, and hence why it was retained by these two versions.
|
keesan
|
|
response 334 of 480:
|
Dec 15 18:25 UTC 2006 |
In case this is actually the spam item, I am curious if anyone got the usual
60 copies of Russian stock spam in the last 24 hours. I don't think I did,
unless they changed to a different method of randomizing subject lines.
Today my spam filter did not miss a single spam or get a single false
positive. It caught lots of Russian or Chinese English viagra spam.
|
tod
|
|
response 335 of 480:
|
Dec 15 18:26 UTC 2006 |
re #319
While keesan's filtering scheme is a nice effort, applying it globally
(as someone back there suggested) is not an answer. It's too specific
to the email *she* gets. If someone else used it, it would probably
miss more spam and throw out more legitimate mail than they would
prefer.
I suggested it. I tried it and used it for a long time. She does a great
job of hitting all the major offenders. I eventually just gave in and now
use a .forward to a gmail account which has built-in filtering. I think that
the KeesanFilter (KF) would be better than no filtering at all. KF could be
easy enough to roll out so long as the first few lines are populated according
to the user.
|
keesan
|
|
response 336 of 480:
|
Dec 15 18:29 UTC 2006 |
I am NOT suggesting that people use my filter, but a much shorter and simpler
one that I wrote a sample of - see procmail.simple. It uses spamassassin and
also has samples of how to whitelist your friends. The filter I am using for
myself precedes spamassassin by a few other filters on Windows charsets and
the current day's stock spam subject line, to save cpu time by searching only
on header (including whitelisting friends). Header is the stuff you see all
of when you view a mail with pine and hit H.
|
mcnally
|
|
response 337 of 480:
|
Dec 15 18:36 UTC 2006 |
re #332:
> Let me be sure I have accurate data: There has been no face-to-face
> staff meeting since sometime before November 2005?
Apparently since before March of 2005, actually. And depending on
what is meant by "face-to-face" there probably never will be, as
Grex has had several not-local-to-Ann-Arbor staff members during
that time and there's not enough money in the Silly Hat Fund to fly
everyone in for a staff get-together.
> Do staff members ever telephone each other? Do staff members have
> alternative email addresses that are known to other staff members?
There's an off-site staff list that's available when Grex goes down
and all staff are reachable via that. Also, some of the staff know
each other socially and may communicate informally outside of e-mail.
> I'm also curious who has staff privileges on Grex.
staff:*:20:root,bhoward,gelinas,glenda,i,janc,kip,mcnally,mdw,remmers,srw,steve
wheel:*:0:root,bhoward,gelinas,glenda,i,janc,kip,mcnally,mdw,remmers,srw,steve
Apparently I am still in the "staff" and "wheel" groups despite my resignation.
|
tod
|
|
response 338 of 480:
|
Dec 15 18:45 UTC 2006 |
Which one of those on staff is the newbie? That's the same staff from 10
years ago if I'm not mistaken.
|
nharmon
|
|
response 339 of 480:
|
Dec 15 19:00 UTC 2006 |
Newbie (n): 1. Someone new 2. In the case of Grex staff, the person who
wasn't an original founding member.
|
cmcgee
|
|
response 340 of 480:
|
Dec 15 20:36 UTC 2006 |
I'm not sure I see how staff reaches consensus, given that they don't seem
to have a communication mechanism that includes all staff members.
How do "meetings" occur. By "meetings" I mean whatever group process was used
to reach decisions that were then conveyed to cross and mcnally as decisions
reached "at a meeting last night"?
|
mcnally
|
|
response 341 of 480:
|
Dec 15 20:41 UTC 2006 |
In my (limited) experience most of the time staff act unilaterally,
generally in reaction to a crisis. There's some group communication
in the staff conference and on the staff mailing list but there's
not a lot of planning discussion that takes place in those forums.
Such discussion, when it occurred, usually took place in agora or
coop.
|
tod
|
|
response 342 of 480:
|
Dec 15 20:46 UTC 2006 |
We are Devo
|
cmcgee
|
|
response 343 of 480:
|
Dec 15 20:52 UTC 2006 |
re:Mary's response in 283
" In terms of helping out our present staff I'd proabably not go the white
board and interview route quite yet. Mostly, I think they need to simply
meet more often. "
Mary, do you still feel that a staff that has not met in more than 18 months
does not need to make any changes other than more frequent meetings?
It seems to me that a staff that acts unilaterally, and is crisis-driven needs
some input from the board. Someone needs to begin a process of bringing new
staff onboard, and it does not sound like current staff have the energy or
time to do so.
What is the role of the board and the membership in this regard?
I'd like to hear from current staff and board, and from candidates as well.
|
slynne
|
|
response 344 of 480:
|
Dec 15 21:34 UTC 2006 |
I have been given the strong impression that the current staff would
not take kindly to having the board take too much control over how
staff chooses to run things. It is a delicate situation to be sure
since anyone can easily quit and walk away at any time because they
dont like the politics.
|