Home page logo

pen-test logo Penetration Testing mailing list archives

placement of webappsec in the cc line - The Mod's thoughts
From: "Erin Carroll" <amoeba () amoebazone com>
Date: Sun, 21 Aug 2005 19:47:05 -0700


I allowed Michael's message to the list to bring up an administrative point.
Many times I will receive messages which are cc's to one or more mailing
lists (such as webappsec, buqtraq, etc). At first I allowed these messages
through if they were appropriate for the pen-test mailing list because there
are always grey areas in our field which don't clearly fall under a specific
realm, be it pen-test, webappsec, vuln-dev, assessment, etc. However, this
has allowed for some topics to wander wildly from the charter of pen-test as
contribuors on the other lists respond and, since I don't want to drop a
discussion thread that may still get back on track for pen-test-related
info, I've allowed them through for continuity. This has resulted in a lot
of non-pen-test chatter on the list. 

Since I do not know the criteria or moderation status or acceptance criteria
of webappsec, vuln-dev etc (and don't care to track it), and since
cross-posted discussion threads can go all over the map, I will no longer be
accepting submissions with cc's to other mailing lists.

This won't be a blanket rejection policy. I will reject cross-posted
messages with a note to remove the cc's and resubmit. This will make
managing the list much easier. The only exception to this would be news
announcements like tool releases and Convention info which (usually)
generate no direct replies and can cover a large cross-section of security

For Michael:
Most email clients will reply-to-all using the sender ID as the To:
recipient. The mail list gets shunted to cc: by default. I can understand
the preference for the addresses to be in the To: field as it makes rules
filtering easier but there's nothing I can do about it.

Erin Carroll
Penetration Testing list moderator
"Do Not Taunt Happy-Fun Ball"

-----Original Message-----
From: michael.lanham [mailto:michael.lanham () us army mil] 
Sent: Sunday, August 21, 2005 11:53 AM
To: pen-test () securityfocus com; webappsec () securityfocus com
Subject: placement of webappsec in the cc line

Is it just me, or does placement of the webappsec & pen-test 
addresses in the cc line instead of the To: line seem a bit odd?  

I respectfully request that conversations to individuals, 
that folks want echoed to the list, include the lists in the 
To: line instead of the cc line...

Am I off base here?


No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.338 / Virus Database: 267.10.13/78 - Release Date: 8/19/2005

FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]