
Re: tmda: Challenge-response is fundamentally broken



On Wed, Aug 27, 2003 at 01:35:12PM +0200, Tore Anderson wrote:
> [ Please do not send me CC's, as I have not explicitly asked for them. ]

Apologies.

> 
> * Stephen Stafford
> 
>  > Sorry, but I do NOT see how this is a grave bug.  It's wishlist (at best).
>  >
>  > YOU might not agree that C-R systems are good (personally I detest them),
>  > but that does NOT mean that we shouldn't release one.  If the package is in
>  > good shape and functions as advertised, then it IS fit for release.  
> 
>   I do not have anything against C-R systems per se, and I do not care if
>  others use them, or if we distribute them.  What I -do- have a problem
>  with is that the C-R system in question ignores the fact that SMTP
>  headers are trivially (and regularly) forged.  I believe this is deliberate,
>  and that TMDA does not attempt to verify that the recipient of the
>  challenge truly was the sender of the original e-mail.  (If it did, I
>  would have no problem with it at all.)
> 
>   Therefore third-party users, who had nothing to do with the original
>  sending of the mail, will receive unsolicited e-mail, and that even
>  from a program which is designed to stop such junk.
> 
>  > Hey, how about if I decide that emacs is a huge bloated piece of shit?
>  > Does that mean we shouldn't release it?
>  >
>  > Or if I decide that CUPS is rubbish and lprng is the One True Printer
>  > Daemon?
>  >
>  > Or that Gnome is a steaming pimple on the arse of desktop managers?
> 
>   None of these are comparable - that one user installs Gnome on his
>  system does not hurt you in any way.  You can simply ignore it and
>  go on with your life.  You do not even have to know -- Gnome will not
>  send you unsolicited junk mail, regardless of it being a 'steaming
>  pimple' or no.

The original submitter was NOT complaining that the package was badly
implemented, he was complaining that C-R systems are bad (okay, he has lots
of reasons why he thinks they are bad, but it's all opinion in the end) and
should not be released.  The TMDA package is not broken with respect to what
it is meant to do.  It does exactly what it is meant to do.  The fact that
you don't like it is neither here nor there.

My examples of Gnome, emacs and CUPS were just that...examples.  They are
designs which some people like and some people don't.  The variety that says
we can have different designs is a good thing.

Personally I do not like C-R systems.  In general if I get a challenge from
one, I ignore it.

This does not mean that the tmda package is buggy.  All it means is that you
don't like what it does.  That being the case, it is exactly comparable to
someone deciding that because they don't like emacs, or Gnome or whatever
that we should file an RC bug on it to prevent it being released.  The only
thing that isn't comparable is WHY you don't like it.  Sorry, but from where I
sit, it's not a good enough reason to remove it from the archive, or to
prevent it being released.

I dislike C-R based anti-spam measures, and I will tell anyone who asks me
WHY I don't like them.  Someone who likes vi and detests emacs will tell
anyone why he dislikes emacs.  I don't see why this should be a good reason
for removal from the archive, or why this is a release critical bug.

Stephen
