Administrivia: Good mailing list social graces.

[Daniel Hanson <dhanson () securityfocus com>]

I've posted some guidelines like this before, apparently I have to do it
again.

Leaving auto-responders on mailing list messages is not good social
behaviour. One or two auto-responses may not seem to be a huge problem,
but when a contributor to the list receives a mass of auto-response
messages, it dissuades the person from posting in the future.

We have over 10,000 subscribers, if 1% of them have auto-responders, that
is 100 messages, Do you like receiving 100 unsolicited messages in a 10
minute period in the middle of your work day?

Perhaps someone seeking assistance or advice won't be dissuaded by this
flood of email, but the people who reply and try to help (we have some
frequent contributors that do this an awful lot, thank you to all of you),
are a lot less motivated to put up with this.

Yet again, someone forwarded me an auto-reply that resulted because some
lazy site administrator decided to send all security mailing list traffic
to a a customer care email address that auto-replies to EVERY POST ALL THE
TIME.

As I have done before, and will continue to do, I will unsubscribe
addresses that do this. People on this list should be interested in making
the Internet a safer and more useable place, auto-replies because you are
too lazy to turn them off for mailing lists is not the way to do this.

As an aside, for all you corporate security administrators who seem to use
your vacation messages when you go away to conferences... If I were
interested to find the lazy administrators, and target the most lucrative
companies. I would pick a conference like blackhat or CanSecWest, send an
email to the list, and see who's away at the conference, and who
"concerns" should be addressed to while that person is away.

D