Thread: Avoiding legal email signatures
I know we have talked about how to avoid legal email signatures on this list. One idea would be for a small percentage of our users to ignore emails with a legal signature. I know I am less likely to reply to such an email. If enough people do that, it might coerce people to avoid them, and perhaps we could put something in the FAQ about it. -- Bruce Momjian <bruce@momjian.us> http://momjian.us EnterpriseDB http://www.enterprisedb.com + If your life is a hard drive, Christ can be your backup. +
On Sat, Jun 09, 2007 at 06:14:00PM -0400, Bruce Momjian wrote: > I know we have talked about how to avoid legal email signatures on this > list. One idea would be for a small percentage of our users to ignore > emails with a legal signature. I know I am less likely to reply to such > an email. The problem with that is that you ding people inside large corporations that are _trying_ to adopt PostgreSQL in the face of bad corporate policies (like "we standardise on product O" or "all outbound email gets garbage L appended"). Moreover, people who are in such environments are often prevented from visiting gmail, hotmail, or the other likely suspects in order to send their messages in circumvention of corporate policy. And remember, such people may not actually be able to prevent the signature going on by just ignoring policy -- often, it's added at the gateway on the way out of the server. I know they're irritating and stupid, but in the context of a mailing list they also have zero effect, because the mailing list address is explicitly public. I also know that they use extra space in the list archive, but if we attempted to purge the list archives of every worthless bit of nonsense in there, surely this wouldn't be the number one thing on the list (the semi-annual eruption of knee-jerk "threads are better" discussions probably take more room, for example). What we _could_ do, I suppose, is start mail-writing campaigns to legal departments in companies that insist on such disclaimers, pointing out the folly of their ways and asking that the policy be changed to distinguish between list-posting and non-list-posting accounts. A -- Andrew Sullivan | ajs@crankycanuck.ca The plural of anecdote is not data. --Roger Brinner
On Sat, 9 Jun 2007, Bruce Momjian wrote: > If enough people do that, it might coerce people to avoid them, and > perhaps we could put something in the FAQ about it. You should just say flat-out that the terms of the mailing list are incompatible with confidentiality and similar legal disclaimers because the way messages are archived make that technically impossible. Put it in the FAQ, put it in the message people get when they subscribe. Then enforce similarly to how bad top posting is dealt with now: everyone understands that people get only a curt response, perhaps just a pointer to the relevant documentation, and instead are told the specifics of their messages can't be addressed on the list while there's a disclaimer attached. Just ignoring them altogether will just give the community a bad reputation for being unresponsive. -- * Greg Smith gsmith@gregsmith.com http://www.gregsmith.com Baltimore, MD
On Sun, 10 Jun 2007, Andrew Sullivan wrote: > Moreover, people who are in such environments are often prevented from > visiting gmail, hotmail, or the other likely suspects in order to send > their messages in circumvention of corporate policy. This is all true, but the reality here is that people in such a situation are usually flat-out violating their corporate policy by posting to the list at all from inside this kind of company. By allowing it, you're encouraging them to do something they may very well get into trouble for. I've watched more than one attempt to sneak open-source source into a large enterprise get completely blown away because unapproved mailing list involvement to resolve issues became associated with making corporate information public. Ever watched someone get fired for responding to "can you post your config file?" in an environment where that's a clear violation of corporate policy? I have. > What we _could_ do, I suppose, is start mail-writing campaigns to legal > departments in companies that insist on such disclaimers The best reaction to this issue is to kick it back with apologies to the person who wants help. They're in a better position than you to straighten out the incompatiblity of their corporation with the requirements of a public mailing list. You may very well be doing them a favor to point out the concern rather than continuing a dialog with them. -- * Greg Smith gsmith@gregsmith.com http://www.gregsmith.com Baltimore, MD
Bruce Momjian wrote: > I know we have talked about how to avoid legal email signatures on this > list. One idea would be for a small percentage of our users to ignore > emails with a legal signature. I know I am less likely to reply to such > an email. Bah.... Bruce come on. The people that are sending the emails with those disclaimers "DO NOT HAVE A CHOICE". They are being forced to do so by upper management and legal. Should we penalize the poor guy in IT that just wants to use our great product because his boss and attorney's are idiots? If we did that, most people on this list would be penalized. Regardless of the legal disclaimer. Joshua D. Drake > > If enough people do that, it might coerce people to avoid them, and > perhaps we could put something in the FAQ about it. >
Greg Smith wrote: > On Sat, 9 Jun 2007, Bruce Momjian wrote: > >> If enough people do that, it might coerce people to avoid them, and >> perhaps we could put something in the FAQ about it. > > You should just say flat-out that the terms of the mailing list are > incompatible with confidentiality and similar legal disclaimers because > the way messages are archived make that technically impossible. Put it > in the FAQ, put it in the message people get when they subscribe. Then > enforce similarly to how bad top posting is dealt with now: everyone > understands that people get only a curt response, perhaps just a pointer > to the relevant documentation, and instead are told the specifics of > their messages can't be addressed on the list while there's a disclaimer > attached. Haven't we been over this at least once before? Greg is right, just document the point and leave it alone. If you want to get really picky about, make the confirmation email from the subscription process specifically state that confirming subscription is an acceptance of the PostgreSQL.Org usage policies which can be found here (insert link). Have the usage policies state that by using our lists they are giving up any confidentiality or propreitary gains because the list is *public*. Joshua D. Drake > > Just ignoring them altogether will just give the community a bad > reputation for being unresponsive. > > -- > * Greg Smith gsmith@gregsmith.com http://www.gregsmith.com Baltimore, MD > > ---------------------------(end of broadcast)--------------------------- > TIP 6: explain analyze is your friend >
On Sun, Jun 10, 2007 at 12:50:11PM -0400, Greg Smith wrote:
> This is all true, but the reality here is that people in such a situation
> are usually flat-out violating their corporate policy by posting to the
> list at all from inside this kind of company.
We don't know that in advance, and we can't know it, either. If
someone wants to do something wrong, that's not our responsibility or
fault; and by posting to a mailing list, the purported cover offered
by the disclaimer is lost (on this we seem to have ample agreement).
> I've watched more than one attempt to sneak open-source source into a
> large enterprise get completely blown away because unapproved mailing list
> involvement to resolve issues became associated with making corporate
> information public.
It might not be "sneaking"; it might in fact be two camps within a
company disagreeing about this. Imagine, for instance, the case
where the operations department of a company (to which the current
DBAs report) are opposed to any changes, because their Oracle DBAs
feel threatened and their boss thinks his career is enhanced by a
large budget under management. At the same time, the new product
development department is under pressure to lower costs and deliver
new services without adding more licenses. Since operations controls
the mail servers and the firewalls (and are adding the disclaimer),
the developers will get no help from the operations people in making
things work better. But if the developers really do deliver a new
service that costs substantially less than, say, what it would have
with Oracle, Postgres gradually finds a place in the company. And
these developers have a mandate to change things. That's how change
happens in large companies, and we have to remember that we won't be
talking to the people who don't want the change to happen.
> Ever watched someone get fired for responding to "can you post your config
> file?" in an environment where that's a clear violation of corporate
> policy? I have.
You bet. But what we seem to be asking in this thread is that people
find some way to violate what is clearly a corporate policy, or we
won't help them. We don't _know_ whether some other policy is being
violated, and it's not our responsibility to know it either. Since
we claim that we have such great community support, though, we do
have a responsibility at least to try to support people.
Perhaps we make a policy that corporate-style ("disclaimered") mail
is encouraged to seek support via corporate-style channels (e.g. is
pointed at the commercial support companies). I'm uncomfortable with
such a policy, but it'd be better than "ignore these nasty corporate
victims", which is what the proposal so far sounds like to me.
A
--
Andrew Sullivan | ajs@crankycanuck.ca
I remember when computers were frustrating because they *did* exactly what
you told them to. That actually seems sort of quaint now. --J.D. Baldwin
All,
> Perhaps we make a policy that corporate-style ("disclaimered") mail
> is encouraged to seek support via corporate-style channels (e.g. is
> pointed at the commercial support companies). I'm uncomfortable with
> such a policy, but it'd be better than "ignore these nasty corporate
> victims", which is what the proposal so far sounds like to me.
First off, I'm not clear on why we're discussing this on -hackers; -www would
be the appropriate list. So I'm cross posting; please reply any additional
messages to -www.
Second, I'm not sure why we care. I don't believe that e-mail confidentiality
notices are in fact enforceable, or at least they haven't been in some
high-profile cases which made the news. IANAL, of course.
However:
> Haven't we been over this at least once before? Greg is right, just
> document the point and leave it alone. If you want to get really picky
> about, make the confirmation email from the subscription process
> specifically state that confirming subscription is an acceptance of the
> PostgreSQL.Org usage policies which can be found here (insert link).
This is a good idea anyway. We should have a list usage policy, and we should
link to if from the subscribe confirmation and from the web subscription
page. In addition to letting people know that e-mail confidentiality footers
will be ignored, we can tell them how the lists are moderated, how to
unsubscribe (can't have this in enough places), not to use HTML mail, etc.
So, who wants to write it?
The only additional idea I have is that we ought to simply strip away any
e-mail footer over 4 lines from the archives. Not only would this purge the
confidentiality footers, it would save us some space in general.
--
Josh Berkus
PostgreSQL @ Sun
San Francisco
Josh Berkus wrote: > The only additional idea I have is that we ought to simply strip away any > e-mail footer over 4 lines from the archives. Not only would this purge the > confidentiality footers, it would save us some space in general. The effort it would take to write some code to extract the messages from the archive mboxes, break up the messages into their component parts, strip excess sig lines, reconstruct the messages, reconstruct the mboxes and then regenerate the archives would probably equate in dollar value to the disk space required for another 40 or 50 years worth of archives. I vote 'lets not bother' :-) /D
Dave Page <dpage@postgresql.org> writes:
> Josh Berkus wrote:
>> The only additional idea I have is that we ought to simply strip away any
>> e-mail footer over 4 lines from the archives. Not only would this purge the
>> confidentiality footers, it would save us some space in general.
> The effort it would take to write some code to extract the messages from
> the archive mboxes, break up the messages into their component parts,
> strip excess sig lines, reconstruct the messages, reconstruct the mboxes
> and then regenerate the archives would probably equate in dollar value
> to the disk space required for another 40 or 50 years worth of archives.
A more serious objection is that any automated tool would probably get it
wrong sometimes, and strip important text.
> I vote 'lets not bother'
Right. I agree with Josh's idea about mentioning list policies in the
subscription confirmation message, though.
regards, tom lane
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 6/12/07, Tom Lane wrote: > A more serious objection is that any automated tool would probably get it > wrong sometimes, and strip important text. > > > I vote 'lets not bother' > > Right. I agree with Josh's idea about mentioning list policies in the > subscription confirmation message, though. Why? If the legal mumbo-jumbo has already got some precedence as being un-enforcable (even if it's only in a handful of jurisdictions), why give it even a patina of credibility by addressing it in a policy? Saying that it's not applicable here implies that is is applicable elsewhere. To quote Ghandi "first they laugh at you, then they ignore you, then they fight you, then you win." I say we stick with the laughing. To that end, I propose should have a policy about being pelted with scathing sarcasm when the signal to boilerplate ratio drops below 10:1. Andrew -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (Darwin) iD8DBQFGbxln+zlEYLc6JJgRAuaNAJsECSRrgIqR1f5c15P7OszVa34lVgCghWSb io55WHyChKGQVHCQ9R+z2ec= =KNyQ -----END PGP SIGNATURE-----
Andrew Hammond wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 6/12/07, Tom Lane wrote: >> A more serious objection is that any automated tool would probably get it >> wrong sometimes, and strip important text. >> >> > I vote 'lets not bother' >> >> Right. I agree with Josh's idea about mentioning list policies in the >> subscription confirmation message, though. > > Why? If the legal mumbo-jumbo has already got some precedence as being > un-enforcable (even if it's only in a handful of jurisdictions), why > give it even a patina of credibility by addressing it in a policy? We are addressing the "whole" using postgresql.org mailing lists issue. The legality issue is only part of it. It is always a good idea to document against stuff like this, just in case. Joshua D. Drake > Saying that it's not applicable here implies that is is applicable > elsewhere. To quote Ghandi "first they laugh at you, then they ignore > you, then they fight you, then you win." I say we stick with the > laughing. To that end, I propose should have a policy about being > pelted with scathing sarcasm when the signal to boilerplate ratio > drops below 10:1. > > Andrew > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.7 (Darwin) > > iD8DBQFGbxln+zlEYLc6JJgRAuaNAJsECSRrgIqR1f5c15P7OszVa34lVgCghWSb > io55WHyChKGQVHCQ9R+z2ec= > =KNyQ > -----END PGP SIGNATURE----- > > ---------------------------(end of broadcast)--------------------------- > TIP 4: Have you searched our list archives? > > http://archives.postgresql.org > -- === The PostgreSQL Company: Command Prompt, Inc. === Sales/Support: +1.503.667.4564 || 24x7/Emergency: +1.800.492.2240 Providing the most comprehensive PostgreSQL solutions since 1997 http://www.commandprompt.com/ Donate to the PostgreSQL Project: http://www.postgresql.org/about/donate PostgreSQL Replication: http://www.commandprompt.com/products/
"Joshua D. Drake" <jd@commandprompt.com> writes:
> Andrew Hammond wrote:
>> Why? If the legal mumbo-jumbo has already got some precedence as being
>> un-enforcable (even if it's only in a handful of jurisdictions), why
>> give it even a patina of credibility by addressing it in a policy?
> It is always a good idea to document against stuff like this, just in case.
If push came to shove, which I sure hope it never does, being able to
say "you agreed to these terms of use of the mailing lists" would be
an excellent defense. They'd have to argue "that's not binding because
we didn't legally agree", whereupon we could reply "sure, and your
disclaimer is equally not binding because we didn't agree to it".
Whereupon they slink away quietly. Without such a reply they might
manage to get a court to listen for awhile before throwing them out.
If there's anything I've learned about matters legalistic, it's that
it's always better to have more than one line of defense.
regards, tom lane