Google Git
Sign in
apache / infrastructure-website / refs/heads/create-pull-request/patch / . / output / mailing-list-moderation.html
blob: 5f6fd94cfe1619adecd7d779ea4c4cd0b146facf [file] [log] [blame]
<!doctype html>
<html class="no-js" lang="en" dir="ltr">
<head>
<meta charset="utf-8">
<meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Mailing list moderation - Apache Infrastructure Website</title>
<link href="/css/bootstrap.min.css" rel="stylesheet">
<link href="/css/fontawesome.all.min.css" rel="stylesheet">
<link href="/css/headerlink.css" rel="stylesheet">
<script src="/highlight/highlight.min.js"></script> </head>
<body class="d-flex flex-column h-100">
<main class="flex-shrink-0">
<div>
<!-- nav bar -->
<nav class="navbar navbar-expand-lg navbar-dark bg-dark" aria-label="Fifth navbar example">
<div class="container-fluid">
<a class="navbar-brand" href="/"><img src="/images/feather.png" style="height: 32px;"/> Apache Infrastructure</a>
<button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarADP" aria-controls="navbarADP" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
<div class="collapse navbar-collapse" id="navbarADP">
<ul class="navbar-nav me-auto mb-2 mb-lg-0">
<li class="nav-item dropdown">
<a class="nav-link dropdown-toggle" href="#" data-bs-toggle="dropdown" aria-expanded="false">About</a>
<ul class="dropdown-menu">
<li><a class="dropdown-item" href="/team.html">About the team</a></li>
<li><a class="dropdown-item" href="/roundtable.html">The Infrastructure Roundtable</a></li>
<li><a class="dropdown-item" href="/blog/">The Infrastructure Blog</a></li>
</ul>
</li>
<li class="nav-item">
<a class="nav-link" href="/policies.html">Policies</a>
</li>
<li class="nav-item dropdown">
<a class="nav-link dropdown-toggle" href="#" data-bs-toggle="dropdown" aria-expanded="false">Services and Tools</a>
<ul class="dropdown-menu">
<li><a class="dropdown-item" href="/services.html">Services and Tools</a></li>
<li><a class="dropdown-item" href="/machines.html">Machines and Fingerprints</a></li>
<li><a class="dropdown-item" href="https://blocky.apache.org/">Blocky</a></li>
<li><a class="dropdown-item" href="https://app.datadoghq.com/account/login?next=%2Finfrastructure">DataDog</a></li>
<li><a class="dropdown-item" href="https://whimsy.apache.org/roster/committer/" target="_blank">Committer Search</a></li>
</ul>
</li>
<li class="nav-item dropdown">
<a class="nav-link dropdown-toggle" href="#" data-bs-toggle="dropdown" aria-expanded="false">Documentation</a>
<ul class="dropdown-menu">
<li><a class="dropdown-item" href="/doc.html">Contribute</a></li>
<li><a class="dropdown-item" href="/infra-volunteer.html">Volunteer with Infra</a></li>
<li><a class="dropdown-item" href="/how-to-mirror.html">Become an ASF download mirror</a></li>
<li><a class="dropdown-item" href="/hosting-external-agent.html">Host a Jenkins or Buildbot agent</a></li>
</ul>
</li>
<li class="nav-item">
<a class="nav-link" href="/stats.html">Status</a>
</li>
<li class="nav-item">
<a class="nav-link" href="/contact.html">Contact Us</a>
</li>
</ul>
</div>
</div>
</nav>
<!-- page contents -->
<div id="contents">
<div class="bg-white p-5 rounded">
<div class="col-sm-8 mx-auto">
<h1>
Mailing list moderation
</h1>
<p>Mailing lists are the virtual rooms where ASF communities live, form and grow. All formal decisions the project's PMC makes need to have an email thread (possibly with a recorded vote) as an audit trail that this was an official decision.</p>
<ul>
<li><a href="#new-mailing-list">How do we create a new mailing list?</a></li>
<li><a href="#mailing-list-moderators">How do I change moderators?</a></li>
<li><a href="#subscribers">How do I find who is subscribed to a list?</a></li>
<li><a href="#mail-moderate">What should I do with MODERATE emails?</a></li>
</ul>
<p>Dealing with</p>
<ul>
<li><a href="#spam">MODERATE requests for spam</a></li>
<li><a href="#allowing_posts">allowing posts from non-subscribers</a></li>
<li><a href="#problem_posts">problem posts</a></li>
<li><a href="#missing">reports of missing mail</a></li>
<li><a href="#bounce">reports of message bounces</a></li>
</ul>
<p>See also Infra's general guidelines on <a href="https://infra.apache.org/content-moderation.html" target="_blank">content moderation</a>.</p>
<h3 id="new-mailing-list">How do we create a new mailing list?<a class="headerlink" href="#new-mailing-list" title="Permanent link">&para;</a></h3>
<p>It is wise to keep the number of mailing lists per codebase the smallest possible to allow the community to reach that critical mass that is necessary to bootstrap a codebase and keep it in good shape.</p>
<p>At the same time, as communities grow, the need for more specialized mailing lists appears. If you think your project requires a new list:</p>
<ul>
<li>Float the idea in the <code>dev@</code> or <code>users@</code> mailing list.</li>
<li>If there seems to be some support for the idea, request a community vote.</li>
<li>If the community approves adding a mailing list, the PMC chair or another Apache Member on the PMC can do so through the <a href="https://selfserve.apache.org" target="_blank">ASF Self-Service Platform</a></li>
</ul>
<p><strong>WARNING</strong>: Creating a user email list can harm a project community if the developers don't pay attention to their users and reply to their emails. One would expect a well-behaving user community to reply to one another in a civil, adult manner that is focused on whatever the list was created for, but it can take time for a community to learn and take to heart such good behavior.</p>
<h3 id="mailing-list-moderators">How do I change moderators?<a class="headerlink" href="#mailing-list-moderators" title="Permanent link">&para;</a></h3>
<p>You can manage the list of moderators for a project's email list if you are:</p>
<ul>
<li>a Foundation member and on the PMC of the project</li>
<li>chair of the project</li>
<li>
<p>an existing moderator of the list</p>
<ul>
<li>Log in to <a href="https://webmod.apache.org/" target="_blank">WebMod</a> with your ASF credentials. </li>
<li>Select the 'List moderator management' tab.</li>
<li>In the dropdown list, select the project which has the email list in question.</li>
<li>In the list of email lists that appears, select the list whose moderators you want to manage.</li>
</ul>
</li>
</ul>
<p>The current list of moderators for this list appears. You can:</p>
<ul>
<li><strong>Remove a moderator</strong>: Click the <code>Remove as moderator</code> link beside their name.</li>
<li><strong>Add a moderator</strong>: In the <code>Add a moderator</code> field, enter the email address of the new moderator. Make sure this is an address that the person has registered with the ASF.</li>
</ul>
<p>To determine who the existing moderators are, any committer can use the technique described in the "committers" SVN module at <a href="https://svn.apache.org/repos/private/committers/docs/resources.txt" target="_blank">resources.txt</a>.</p>
<h3 id="subscribers">How do I find who is subscribed to a list?<a class="headerlink" href="#subscribers" title="Permanent link">&para;</a></h3>
<p>Moderators can send an email to <code>listname-list@tlp.apache.org</code>.</p>
<p>Anyone with access to the apmail account can run the following command to get a count of the subscribers:</p>
<div class="highlight"><pre><span></span><code>ezmlm-list~/lists/project/listname| wc -l
</code></pre></div>
<p>Remember that there often are people subscribed to the digest version of the list. To find them:</p>
<div class="highlight"><pre><span></span><code>~lists/project/listname/digest
</code></pre></div>
<p>However, most committers do not have access to apmail. See the notes in the "committers" SVN module (<code>https://svn.apache.org/repos/private/committers</code>) at <code>/docs/resources.txt</code> for another way.</p>
<h3 id="mail-moderate">What should I do with "MODERATE" emails?<a class="headerlink" href="#mail-moderate" title="Permanent link">&para;</a></h3>
<p>You can review and manage email that is waiting for moderation in two ways:</p>
<h4>WebMod</h4>
<p><a href="https://webmod.apache.org/" target="_blank">WebMod</a> simplifies reviewing and responding to emails that require moderation.</p>
<ul>
<li>Log in to WebMod using your Apache credentials.</li>
<li>A tab appears for each email list for which you are a moderator and that has emails needing review. Select a tab.</li>
<li>You can approve or reject multiple emails in one action by checking the checkboxes to the left of the email titles and selecting either <code>accept</code> or <code>spam</code> from the bulk-actions dropdown list.</li>
<li>You have many options for reviewing each individual email, including displaying just the text body or viewing the source. The options appear as links to the right of the email title.</li>
</ul>
<h4>Manual moderation</h4>
<p>Review the mail to see if it is spam (or other severely misguided mail). If it is spam, just ignore the mail to have it silently dropped after 5 days.</p>
<p>To bounce non-spam with a notice to the sender, reply to the <code>-reject</code> address in the mail header. If you wish to include a comment with the rejection, the body of the message should look like this:</p>
<div class="highlight"><pre><span></span><code><span class="c">%%% Start comment</span>
<span class="n">Your</span><span class="w"> </span><span class="s">message</span><span class="w"> </span><span class="s">goes</span><span class="w"> </span><span class="s">here...</span>
<span class="c">%%% End comment</span>
</code></pre></div>
<p>If it is legitimate mail from a non-subscriber (or someone sending with a different envelope sender than the one subscribed), reply to the <code>-accept</code> address. If you also send mail to the <code>-allow</code> address (i.e. reply to all), future postings from that address will be allowed through automatically.</p>
<p>If there is no <code>-allow</code> address in the moderate requests, the list is misconfigured. Contact <code>apmail@apache.org</code> and ask them to enable remote administration.</p>
<p>See the <a href="http://www.ezmlm.org/" target="_blank">EZMLM</a> "Moderator's and Administrator's Manual". You can also send a request for advice to <code>{listname}-help@tlp.apache.org</code> from your moderation address.</p>
<p>Some lists are only open to ASF committers. The moderators have methods to ensure that subscribers are committers, so subscribers can use whatever email address that they want. Moderators see the tips described in the "committers" SVN module at <a href="https://svn.apache.org/repos/private/committers/docs/resources.txt" target="_blank">resources.txt</a>.</p>
<h3 id="spam">Dealing with MODERATE requests for spam<a class="headerlink" href="#spam" title="Permanent link">&para;</a></h3>
<p><strong>NOTE</strong>: You may receive a moderation email that contains email identified as spam. Moderation emails containing spam emails are <strong>not spam</strong>. <strong>DO NOT</strong> report mod emails as spam because this causes our legitimate moderation email and the ASF servers themselves to lose sender reputation. Various email providers may block the ASF as a whole as a result of your action.</p>
<p>If the content of the MODERATE request is clearly spam, the simplest solution is just to delete the request. Do not reject it. However, if you are receiving a lot of such requests, it may perhaps be worth taking additional action.</p>
<p>Some SPAM emails have an opt-out link. Whether this will actually do anything useful is another matter, but it might be worth trying if the spam seems to be from a legitimate business.</p>
<p>To avoid revealing your personal IP address, you may wish to use an anonymizing service such as Tor.</p>
<p>If the spam emails are all sent from the same address, try adding them to the 'deny' list:</p>
<div class="highlight"><pre><span></span><code><span class="err">{</span><span class="n">listname</span><span class="err">}</span><span class="o">-</span><span class="k">deny</span><span class="o">-</span><span class="n">subscribe</span><span class="o">-</span><span class="n">badposter</span><span class="o">=</span><span class="n">menace</span><span class="p">.</span><span class="n">com</span><span class="nv">@tlp</span><span class="p">.</span><span class="n">apache</span><span class="p">.</span><span class="n">org</span><span class="o">&lt;/</span><span class="n">code</span><span class="o">&gt;</span>
</code></pre></div>
<p>You can find the sender's address in the moderation request in the <code>cc:</code> area:</p>
<div class="highlight"><pre><span></span><code><span class="nl">Cc</span><span class="p">:</span><span class="w"> </span><span class="err">{</span><span class="n">listname</span><span class="err">}</span><span class="o">-</span><span class="n">allow</span><span class="o">-</span><span class="n">tc</span><span class="p">.</span><span class="o">&lt;</span><span class="n">digits</span><span class="o">&gt;</span><span class="p">.</span><span class="o">&lt;</span><span class="n">alphanumeric</span><span class="o">&gt;-</span><span class="n">badposter</span><span class="o">=</span><span class="n">menace</span><span class="p">.</span><span class="n">com</span><span class="nv">@tlp</span><span class="p">.</span><span class="n">apache</span><span class="p">.</span><span class="n">org</span>
</code></pre></div>
<p>The sender's e-mail address is contained between the '-' (hyphens) immediately following the "alphanumerics" and the '@' sign.</p>
<p>This is already in the correct form for use in the 'deny' subscription request, as the '@' has been changed to '='. In the example above this is:</p>
<div class="highlight"><pre><span></span><code>badposter=menace.com
</code></pre></div>
<p>If this address contains random alphanumerics, it is probably a short-lived address, in which case there is no point trying to use the deny list.</p>
<h3 id="allowing_posts">Allowing posts from non-subscribers<a class="headerlink" href="#allowing_posts" title="Permanent link">&para;</a></h3>
<p>Most lists require people to subscribe in order to post messages. However, subscribers receive copies of all mails (or digests). This is obviously unsuitable for bots, or for private lists which need to accept posts from non-subscribers.</p>
<p>A moderator can fix this by using 'Reply All' to a moderation message from the poster. This will both 'accept' the message and 'allow' further posts.</p>
<p>It's also possible to set this up in advance, by subscribing the poster to the 'allow' list. For example, if you want <code>mailbot@host.com</code> to be able to post, use:</p>
<div class="highlight"><pre><span></span><code><span class="err">{</span><span class="n">listname</span><span class="err">}</span><span class="o">-</span><span class="n">allow</span><span class="o">-</span><span class="n">subscribe</span><span class="o">-</span><span class="n">mailbot</span><span class="o">=</span><span class="k">host</span><span class="p">.</span><span class="n">com</span><span class="nv">@tlp</span><span class="p">.</span><span class="n">apache</span><span class="p">.</span><span class="n">org</span>
</code></pre></div>
<p>Replace the '@' in the sender email with '='.</p>
<h3 id="problem_posts">Dealing with problem posts<a class="headerlink" href="#problem_posts" title="Permanent link">&para;</a></h3>
<p>If you have a troublesome poster, you can un-subscribe them from the list using</p>
<div class="highlight"><pre><span></span><code><span class="err">{</span><span class="n">listname</span><span class="err">}</span><span class="o">-</span><span class="n">unsubscribe</span><span class="o">-</span><span class="n">badboy</span><span class="o">=</span><span class="n">menace</span><span class="p">.</span><span class="n">com</span><span class="nv">@tlp</span><span class="p">.</span><span class="n">apache</span><span class="p">.</span><span class="n">org</span>
</code></pre></div>
<p>Send a courtesy email to them to let them know they have been unsubscribed, and why.</p>
<p>Occasionally you will get someone with a poorly-configured spam filter sending automated replies to the list. You can deny their postings using</p>
<div class="highlight"><pre><span></span><code><span class="err">{</span><span class="n">listname</span><span class="err">}</span><span class="o">-</span><span class="k">deny</span><span class="o">-</span><span class="n">subscribe</span><span class="o">-</span><span class="n">badposter</span><span class="o">=</span><span class="n">menace</span><span class="p">.</span><span class="n">com</span><span class="nv">@tlp</span><span class="p">.</span><span class="n">apache</span><span class="p">.</span><span class="n">org</span>
</code></pre></div>
<p>Send a courtesy email suggesting how they can resolve the problem.</p>
<p>If an unsubscribed user was added to the moderation list and is sending spam to the list, remove them by sending an email to:</p>
<div class="highlight"><pre><span></span><code><span class="err">{</span><span class="n">listname</span><span class="err">}</span><span class="o">-</span><span class="n">allow</span><span class="o">-</span><span class="n">unsubscribe</span><span class="o">-</span><span class="n">badposter</span><span class="o">=</span><span class="n">menace</span><span class="p">.</span><span class="n">com</span><span class="nv">@tlp</span><span class="p">.</span><span class="n">apache</span><span class="p">.</span><span class="n">org</span>
</code></pre></div>
<p>To see a list of who is allowed to post on the moderation list, send an email to <code>{listname}-allow-list@tlp.apache.org</code>.</p>
<p>There is an <em>opt-in</em> configuration for problem posters, which lets you subscribe him or her to a 'sendsubscribertomod' list. It works in exactly the same way as adding or removing someone from an 'allow' or 'deny' list. File an INFRA ticket to have it enabled for your list (you don't have to use it, but having it enabled adds an option for you to consider).</p>
<p>To use it (once it has been enabled) do this:</p>
<div class="highlight"><pre><span></span><code><span class="err">{</span><span class="n">listname</span><span class="err">}</span><span class="o">-</span><span class="n">sendsubscribertomod</span><span class="o">-</span><span class="n">subscribe</span><span class="o">-</span><span class="n">badposter</span><span class="o">=</span><span class="n">menace</span><span class="p">.</span><span class="n">com</span><span class="nv">@tlp</span><span class="p">.</span><span class="n">apache</span><span class="p">.</span><span class="n">org</span>
</code></pre></div>
<p>All emails from this person now go to a moderator for approval before they appear in the mailing list.</p>
<p>Once a bad poster starts behaving in the proper manner again, feel free to 'unsubscribe' them from the 'sendsubscriberstomod' list so they can resume normal operations.</p>
<p>Send moderation commands from your <strong>moderator address</strong>. You can tell if you're sending from the right address by emailing the <code>-help</code> address (e.g.,
<code>dev-help@tlp.apache.org</code>) and checking if the subject of the reply contains the word "Moderator help".</p>
<h3 id="missing">Dealing with reports of missing mail<a class="headerlink" href="#missing" title="Permanent link">&para;</a></h3>
<p>If a subscriber reports that they are not receiving some e-mails, check which ones are involved. If they are not seeing their own e-mails, note that GMail hides duplicates.
Also check whether the emails could have been treated as SPAM by their e-mail client.</p>
<h3 id="bounce">Dealing with reports of message bounces<a class="headerlink" href="#bounce" title="Permanent link">&para;</a></h3>
<p>If a subscriber reports getting a bounce message from ezmlm, ask them to provide the details.
For example:</p>
<div class="highlight"><pre><span></span><code><span class="n">Hi</span><span class="err">!</span><span class="w"> </span><span class="n">This</span><span class="w"> </span><span class="k">is</span><span class="w"> </span><span class="n">the</span><span class="w"> </span><span class="n">ezmlm</span><span class="w"> </span><span class="n">program</span><span class="p">.</span>
<span class="n">I</span><span class="err">&#39;</span><span class="n">m</span><span class="w"> </span><span class="n">managing</span><span class="w"> </span><span class="n">the</span><span class="w"> </span><span class="k">user</span><span class="nv">@tlp</span><span class="p">.</span><span class="n">apache</span><span class="p">.</span><span class="n">org</span><span class="w"> </span><span class="n">mailing</span><span class="w"> </span><span class="n">list</span><span class="p">.</span>
<span class="n">Messages</span><span class="w"> </span><span class="k">to</span><span class="w"> </span><span class="n">you</span><span class="w"> </span><span class="k">from</span><span class="w"> </span><span class="n">the</span><span class="w"> </span><span class="k">user</span><span class="w"> </span><span class="n">mailing</span><span class="w"> </span><span class="n">list</span><span class="w"> </span><span class="n">seem</span><span class="w"> </span><span class="k">to</span>
<span class="n">have</span><span class="w"> </span><span class="n">been</span><span class="w"> </span><span class="n">bouncing</span>
<span class="p">...</span>
<span class="n">Here</span><span class="w"> </span><span class="k">are</span><span class="w"> </span><span class="n">the</span><span class="w"> </span><span class="n">message</span><span class="w"> </span><span class="nl">numbers</span><span class="p">:</span>
<span class="w"> </span><span class="mi">12345</span>
</code></pre></div>
<p>This can occur if the recipient's mail system has strict SPAM detection rules. </p>
<p>One way to find such emails is to request an index listing from ezmlm, for example
by sending an email to <code>dev-index-12345@tlp.apache.org</code>. This will show the subject, timestamp and sender of the email. That may be sufficient to identify it as spam.
If not, the subject and date should make it easy to find the email in the archives.</p>
</div>
</div>
</div>
<!-- footer -->
<div class="row">
<div class="large-12 medium-12 columns">
<p style="font-style: italic; font-size: 0.8rem; text-align: center;">
Copyright 2024, <a href="https://www.apache.org/">The Apache Software Foundation</a>, Licensed under the <a href="https://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.<br/>
Apache&reg; and the Apache feather logo are trademarks of The Apache Software Foundation...
</p>
</div>
</div>
<script type="application/ecmascript" src="/js/bootstrap.bundle.min.js" integrity="sha384-OERcA2EqjJCMA+/3y+gxIOqMEjwtxJY7qPCqsdltbNJuaOe923+mo//f6V8Qbsw3"></script> </div>
</main>
<script>hljs.initHighlightingOnLoad();</script>
</body>
</html>