Changes between Version 5 and Version 6 of WebInfoPamphlet

May 18, 2008, 4:52:40 PM (12 years ago)



  • WebInfoPamphlet

    v5 v6  
    4545If that's not the answer you're getting from your provider, find another one.
    47 Do have I have full secure shell access?
     47Do I have full secure shell access?
     49You may not know this and you may not need it but there's a "layer" of functioning beneath your website display and beneath "protocols" like sftp. It's call "shell access" and it means that you can use a "command line program" to get into your directories and files. A command line program is best identified by its prompt. You have a few letters, then a colon and you enter commands next to that and things work. You're interacting directly with the server's operating system (Unix, Linux or one of the weaker OS systems) and you can do virtually everything you want to your files and accounts.
     51Of course, the caveats that apply to sftp are even more important here -- because there's so much more access. Make sure you have secure access (SSH) and use it. At this point, most providers do that. The problem is that most providers don't provide shell access at all.
     53This may seem like a nothing since many of us don't use shell access. But shell access represents true control over your Internet data and it's the most powerful control we have. It's the way system administrators work. At some point, you may need it or someone in your organization may need it and you should have it because this is your data. No questions asked.
     55If you don't have secure shell access, you should not be with that provider.
    4957 == Email ==
     59How do you handle spam?
     61We have a lot written on this issue because it is among the INternet's most important. So we'll summarize:
     63All spam should be passed on to the user who should be able to make the choices about what to do with it. This is a perfectly effective approach although it requires a bit of work on the user's part. Using one of various programs, you can "guess" what's spam and what's not with a remarkably high degree of accuracy. Then you flag it and the user decides whether to set up email so he/she can review the "spam flagged" email individually or filter it into some spam box.
     65What you don't want is a provider making those choices for you: filtering spam and destroying it, blocking it, or what's worse, rejecting and blocking the server that sent it (called blacklisting...aptly). Your provider has no right to determine the content you should receive; no company should even be allowed to make those choice for you.
     67Most of all, blacklisting is almost always a destructive and irresponsible policy. If someone is "turned in" for spamming, some providers will block that person's entire server (there's no other way to do it) which means that nobody on that server (and there are often hundreds of other users) can communicate with people on the targeted server. It is the worst kind of arbitrary blockage of free speech.
     69Finally, what defintion of spam does your provider have. There is one acceptable definition: spam is the massive, arbitrary email of material to people who cannot reasonably be expected to be interested in it. That is, if the mailer can reasonably expect that you'll be interested in the material you're receiving, that is protected speech and not spam. That's the law and, for our movement, it is a definition that must be protected because, otherwise, you can't organize.
    5173Do you use starttls so all email data is encrypted from point-to-point with other email providers using starttls? Do you enforce https only web access to webmail?