|
moderated
More efficient page navigation of member and other lists
#suggestion
Barry_M
I'm new to groups.io but, now a week or so in, came across something that, very probably, must have been suggested before or just decided against. But, on the off chance it hasn't been...
When looking at "Members" for a group, at lower right are the page numbers and obvious how one can click on whatever page or click through them to see the entirety of a list. But, to the left and right of a small range (maybe 5-8) page number options are single arrows which, if clicked, move one page left or right. I'd love to suggest the inclusion of double arrows at left and right of those single arrows to speed navigation. Clicking on one of those would bring you to the first or last page of a membership list versus just one page left or right. Screenshot attached.
|
|||
|
|
|||
|
moderated
Re: User-friendly message rejection after attempt to post to a locked thread
#suggestion
Oops. That was a mental typo. Should say “ is not really automatic”
toggle quoted messageShow quoted text
On Apr 25, 2019, at 10:12 AM, J_Catlady via Groups.Io <j.olivia.catlady@...> wrote:
-- J Messages are the sole opinion of the author, especially the fishy ones.
|
|||
|
|
|||
|
moderated
Re: User-friendly message rejection after attempt to post to a locked thread
#suggestion
I had one more thought on the idea that rejection, etc., should not be done "automatically" lest nefarious individuals take advantage of the situation: Messages are the sole opinion of the author, especially the fishy ones.
|
|||
|
|
|||
|
moderated
Re: User-friendly message rejection after attempt to post to a locked thread
#suggestion
Jeremy H
My thought on this is: what would happen if the topic was not locked? The message (posting to topic) would AIUI be dealt with 'normally' (posted through, moderated, whatever), even if from a spammer: that being the case, I fail to see what the real problem in sending a reply (with or without original message), saying 'This is a locked topic, your message has been rejected' (or words to that effect), and that should be the 'normal' response in that case.
Jeremy
|
|||
|
|
|||
|
moderated
Re: User-friendly message rejection after attempt to post to a locked thread
#suggestion
Glenn Glazer
On 4/25/2019 09:16, Brian Vogel wrote:
Locking topics is a basic function under any forum/e-mail system that I have used over the course of decades. It needs to work. Hear, hear! I couldn't agree more. In the computer security field, we often say that one doesn't need Fort Knox to safeguard a broken bicycle, which is a metaphorical way of saying exactly what Brian says above. Best, Glenn M.S. '07 UCLA Security and Cryptography --
We must work to make the Democratic Party the Marketplace of Ideas not the Marketplace of Favors.
|
|||
|
|
|||
|
moderated
Re: User-friendly message rejection after attempt to post to a locked thread
#suggestion
Marv, Another reason to lock instead of moderate is to disable Likes. Again, stopping all activity. A third reason is not wanting to compose and send rejection notices. Locking (whether via the current bounce message or the proposed method) sends, or would send under the proposed idea, a boilerplate “This topic is locked.” A fourth reason is to eliminate the Reply button so that members responding via web realize they can’t post to the topic even before they’re tempted to reply. Etc. Locking is just a whole different ballgame from moderation.
On Apr 25, 2019, at 8:40 AM, Marv Waschke <marv@...> wrote:
--
J Messages are the sole opinion of the author, especially the fishy ones.
|
|||
|
|
|||
|
moderated
Re: User-friendly message rejection after attempt to post to a locked thread
#suggestion
Brian Vogel <britechguy@...>
Locking topics is a basic function under any forum/e-mail system that I have used over the course of decades. It needs to work.
No one is proposing "security by obscurity." The fact, and it is a fact, is that spammers look for ease of putting a message out scattershot. They do not target, and they certainly do not target in the way discussed here. One takes precautionary measures based upon a realistic risk assessment. It is a waste of time and effort to try to prevent the highly improbable. If the highly improbable becomes easy or starts being used, then one takes remedial measures. 'Twas ever thus when keeping up with what spammers will try next. The idea of a spammer employing backscatter is, to put it mildly, highly improbable. I don't worry about being hit by a meteorite when sitting in my living room (though it's conceivably possible) just as I don't worry about the issue of backscatter and spammers. If it were an easy and worthwhile effort to achieve their ends it would have been in use long before now, as the capability has existed long before now. -- Brian - Windows 10 Pro, 64-Bit, Version 1809, Build 17763 Presenting the willfully ignorant with facts is the very definition of casting pearls before swine. ~ Brian Vogel
|
|||
|
|
|||
|
moderated
Re: User-friendly message rejection after attempt to post to a locked thread
#suggestion
Forgive me if I am missing something, but groups that want to avoid ugly bounce messages could put topics under moderation instead of locking the topics. Wouldn't that be an effective workaround that lets the individual group decide? I can't recall that I've ever locked or placed a topic under moderation so I don't have experience.
In other realms, I've seen "security by obscurity" (don't worry, those dopey criminals will never bother to figure it out) fail miserably, so I am inclined to close security gaps even when a breach appears improbable at the moment. If you accept the obscurity argument regularly, you end up with a porous system. Best, Marv
|
|||
|
|
|||
|
moderated
Re: User-friendly message rejection after attempt to post to a locked thread
#suggestion
Brian Vogel <britechguy@...>
I agree that there's very little value in including the member's message in the bounce message back when a topic is locked. I also agree that it would be nice to have the ability to customize a group's message sent back when a topic is locked.
The above being said, I just tested out what Leeni discussed, and the following is the text that comes back at the top, before the quotation of the incoming message that's been rejected: The response from the remote server was: 500 This topic has been locked by the moderators and can no longer be posted to. Brian - Windows 10 Pro, 64-Bit, Version 1809, Build 17763 Presenting the willfully ignorant with facts is the very definition of casting pearls before swine. ~ Brian Vogel
|
|||
|
|
|||
|
moderated
Re: User-friendly message rejection after attempt to post to a locked thread
#suggestion
On Wed, Apr 24, 2019 at 08:47 AM, Shal Farley wrote:
Rejection notices typically contain a copy of the rejected message, in this scenario that would be the payload.Why couldn't that be altered for this case? The original suggestion already would require some nontrivial programming. The suggestion is not just, "turn locked topics into moderated topics." It's "treat locked topics similarly to moderated topics, but where the system automatically rejects the messages." So why not also do away with including the rejected message? Voila, no payload. I'm not suggesting making locked topics into moderated topics where everything has to remain the same, including pasting in a copy of the rejected message. I'm saying, IF the system can handle moderated topics without bouncing messages, it should also be able to handle locked topics without bouncing messages. -- J Messages are the sole opinion of the author, especially the fishy ones.
|
|||
|
|
|||
|
moderated
Re: User-friendly message rejection after attempt to post to a locked thread
#suggestion
Leeni
-------Original Message-------
From: Brian Vogel
Date: 4/24/2019 12:31:45 PM
Subject: Re: [beta] User-friendly message rejection after attempt to post to a locked thread #suggestion The need to hide a topic, per se, is separate from this topic. But the fact that one cannot delete a topic after locking it, and having it remain somehow stored by Groups.io as locked, without any trace of it being visible to anyone is not. Locked topics should not only be able to have some sort of "human comprehensible" message of the "You can't post to this topic because it's locked" nature sent out, but if one locks a topic there should be a "locked list" maintained even if the topic itself is deleted afterward. Locked is locked, and should not be volatile based on the presence or absence via deletion of the material that triggered a topic to be locked in the first place. While I'd like to have the capability to hide a topic for its own sake, when it comes to locked topics that I wish to have purged from the archive I'd far rather do that than hide it just so that no one can post to it again. It strikes me as entirely feasible (and I may be wrong) to maintain a history of all locked topics for a group, even if said topic were subsequently deleted, so that "late entries" cannot revive it from the dead when replying to it. I know individuals can create a separate topic to try to revive or extend something, but that is taken care of by the moderators making clear that it will not be tolerated and immediately locking the revival attempt. (Then, if I had the option, deleting it if it would keep it locked, or at the very least hiding it to keep it out of the archive view). -- Brian - Windows 10 Pro, 64-Bit, Version 1809, Build 17763 Presenting the willfully ignorant with facts is the very definition of casting pearls before swine. ~ Brian Vogel
|
|||
|
|
|||
|
moderated
Re: User-friendly message rejection after attempt to post to a locked thread
#suggestion
Brian Vogel <britechguy@...>
This also ties in, and pretty directly, with another feature request I made: Hide Topic Function
The need to hide a topic, per se, is separate from this topic. But the fact that one cannot delete a topic after locking it, and having it remain somehow stored by Groups.io as locked, without any trace of it being visible to anyone is not. Locked topics should not only be able to have some sort of "human comprehensible" message of the "You can't post to this topic because it's locked" nature sent out, but if one locks a topic there should be a "locked list" maintained even if the topic itself is deleted afterward. Locked is locked, and should not be volatile based on the presence or absence via deletion of the material that triggered a topic to be locked in the first place. While I'd like to have the capability to hide a topic for its own sake, when it comes to locked topics that I wish to have purged from the archive I'd far rather do that than hide it just so that no one can post to it again. It strikes me as entirely feasible (and I may be wrong) to maintain a history of all locked topics for a group, even if said topic were subsequently deleted, so that "late entries" cannot revive it from the dead when replying to it. I know individuals can create a separate topic to try to revive or extend something, but that is taken care of by the moderators making clear that it will not be tolerated and immediately locking the revival attempt. (Then, if I had the option, deleting it if it would keep it locked, or at the very least hiding it to keep it out of the archive view). -- Brian - Windows 10 Pro, 64-Bit, Version 1809, Build 17763 Presenting the willfully ignorant with facts is the very definition of casting pearls before swine. ~ Brian Vogel
|
|||
|
|
|||
|
moderated
Re: User-friendly message rejection after attempt to post to a locked thread
#suggestion
Glenn Glazer
On 4/24/2019 08:32, Shal Farley wrote:
I admit it does seem far-fetched that a miscreant would put together the pieces necessary to exploit this particular suggestion. This I agree with. And furthermore, the way around all of the speculation is to make it a feature that individual groups can turn on or off as a preference. So, for those groups for whom it works and want this, great and if some spammer is attacking a group, they can turn it off temporarily or permanently without impairing the usage by other groups. The same holds true, incidentally, of my other suggestion to send it a queue, by which I meant a different queue than the regular moderation queue. The idea would be that it would be easier in a separate queue to select all and send the group's customized locked thread message than to have to pick them out of the general moderation queue. Best, Glenn --
We must work to make the Democratic Party the Marketplace of Ideas not the Marketplace of Favors.
|
|||
|
|
|||
|
moderated
Re: User-friendly message rejection after attempt to post to a locked thread
#suggestion
J, Do you mean they would spoof various group members' email addresses in order to connivingly and deliberately send messages to locked topics in their name, just so that the group members would get the rejection message? That is the scenario, as I understand it. Rejection notices typically contain a copy of the rejected message, in this scenario that would be the payload.
It is a concern (as Mark said), not a proven threat that I know of. I admit it does seem far-fetched that a miscreant would put together the pieces necessary to exploit this particular suggestion. Perhaps ironically beta itself seems like one of the juicier targets because it has public archives, unrestricted membership, and (formerly) generous use of thread locking; yet even so it seems unlikely to me. However, once someone figures it out history has shown us that the dark corners of the internet are pretty good at sharing "how-to" info and packaged scripts to exploit anything they can. Shal
|
|||
|
|
|||
|
moderated
Re: User-friendly message rejection after attempt to post to a locked thread
#suggestion
Brian Vogel <britechguy@...>
Being someone who deals with spam management on a daily basis, I have to say that I find the idea that spammers would do what is proposed highly, very highly, unlikely.
It's not something that would be of any value to them in any way I can think of. They want their message out there, and no matter what they'd get back from trying to e-mail to a locked thread if it isn't a posted message they'd almost certainly move on. Spam is a "drive by" activity using the broadest and quickest scatter and run methods possible. When they get a rejection message they move along. -- Brian - Windows 10 Pro, 64-Bit, Version 1809, Build 17763 Presenting the willfully ignorant with facts is the very definition of casting pearls before swine. ~ Brian Vogel
|
|||
|
|
|||
|
moderated
Re: User-friendly message rejection after attempt to post to a locked thread
#suggestion
On Tue, Apr 23, 2019 at 10:44 PM, Shal Farley wrote:
Automatically sending back a message runs the risk of allowing spammers to deliberately trigger this response, targeting group members.Shal, Ok, I read Lena's message about backscatter, and yours explaining it, and I am missing something. It seems unrealistic/overly pessimistic to assume that spammers would somehow find and send messages to locked topics. Even if they were somehow able to do that (which could only occur in unrestricted groups anyway), how would this "target group members"? Do you mean they would spoof various group members' email addresses in order to connivingly and deliberately send messages to locked topics in their name, just so that the group members would get the rejection message? I considered myself cynical, but even I am not as cynical as that. Or perhaps I'm actually overly naive and trusting. :) -- J Messages are the sole opinion of the author, especially the fishy ones.
|
|||
|
|
|||
|
moderated
Re: User-friendly message rejection after attempt to post to a locked thread
#suggestion
J,
I still have not heard what's infeasible about my original suggestion,Read back through the topic for the word "backscatter", starting with Lena's message of 2018-01-02. Automatically sending back a message runs the risk of allowing spammers to deliberately trigger this response, targeting group members. Shal
|
|||
|
|
|||
|
moderated
Re: User-friendly message rejection after attempt to post to a locked thread
#suggestion
On Tue, Apr 23, 2019 at 12:50 AM, Shal Farley wrote:
I still have not heard what's infeasible about my original suggestion, which is to treat locked topics as moderated topics but wherein all posts are rejected automatically by the system and sent a canned "this subject is locked" rejection notice.2. Have an option that messages that go to locked threads go to aThis seems to me to be the same as moderating the topic, rather than locking it. -- J Messages are the sole opinion of the author, especially the fishy ones.
|
|||
|
|
|||
|
moderated
Re: User-friendly message rejection after attempt to post to a locked thread
#suggestion
Glenn,
1. ... if a message is from member in group, send back new email withIf the message is from a non-subscriber it should be given an error at connection time (not accepted then dropped) using the existing error code/text for non-subscriber messages -- unless the group is set to allow non-subscriber posts. If the group is set to allow them, then a message to a locked topic from a non-subscriber should be handled the same as one from a member. I realize that 1. risks backscatter, but until there is evidence ofThis belongs in a different topic, but I've come to believe that Groups.io ought to be doing DMARC-like authentication on inbound group postings and email commands before accepting them. That would (I think) eliminate the risk of backscatter were Groups.io to accept the message and separately send back a "nice" error message. https://beta.groups.io/g/main/topic/24836368#18077 2. Have an option that messages that go to locked threads go to aThis seems to me to be the same as moderating the topic, rather than locking it. Shal
|
|||
|
|
|||
|
moderated
Re: User-friendly message rejection after attempt to post to a locked thread
#suggestion
I'm in favor of option 2 personally. I'd rather hold the messages then either reject them all, or maybe let one or 2 through, or not depending on the case. Sarah Alawami, owner of TFFP. . For more info go to our website. The listen page is found here Our telegram channel is also a good place for an announce only in regard to podcasts, contests, etc. Finally, to become a patron and help support the podcast go here
On 22 Apr 2019, at 16:09, Glenn Glazer wrote:
|
|||
|
|
