There's Always One...

The twins each have their own computer. Several months ago I hooked these up to our home LAN, and the kids have been enjoying playing games on several websites. I installed squid onto my gateway to restrict the sites the kids could visit. This has worked out pretty well.

Not long after they got connected, they started asking about email. I fended these questions off for quite some time. I simply wasn't ready to tackle the issue, or commit the time to educate them on "safe" email habits. The kids kept deviling, and soon grandma joined the debate on their side, so I had to do something.

After some research, I implemented a solution and shared my efforts with the community:
Newsforge.com: A child-safe SMTP whitelist with Postfix and MySQL

The first comment to my article was a friendly "me too!" stating that a similar solution was possible with a different set of tools. I think that's awesome! After all, one of the mottos of this free software movement is that there's more than one way to do it! The more we share our solutions, the stronger each solution becomes.

The second comment was, unfortunately, totally expected. It seems that every time any sort of "child safety" technology discussion comes up, there's always someone who makes sweeping accusations against the technology implementor(s) and their parenting skills. Granted, this particular comment wasn't inflammatory, but I think it did make a pretty big logical leap:

I don't know how old your kids are, but do you think you will be able to always just build a firewall to protect your children from everything you think is unsuitable for them? Don't you think you prepare them much better by talking to them for example how not to receive to much spam, how to handle spam, and after all why you think these kind of spam is bad?
How do you think do your kids learn this? By being blocked out from the world?

I posted this reply:

Hi. I'm the author of the article.
No, I don't think I'll be able to "firewall" every aspect of my kids' lives; nor do I have any intention to do so. I find it extremely interesting that such a conclusion could be drawn from this HOWTO.
As a parent, it is my obligation to make value judgements about my kids well-being until such time as they're able to make them on their own. I wouldn't let strangers talk to my kids on the phone. I wouldn't let strangers come to my house to talk to my kids. Why would I let strangers send email to my kids?
Don't you think you prepare them much better by talking to them for example how not to receive to much spam, how to handle spam, and after all why you think these kind of spam is bad?
I don't let my kids ride a bicyle without a helmet. Educating is a very important component of everything a parent does; but a responsible parent should take the time to put up appropriate safety mechanisms to help their children learn as safely and effectively as possible for that child. Every kid has different needs and different styles. What works for my kids might not work for your kids.
This article simply demonstrates one way to create a safe, controlled introductory environment to email for my kids. If it helps someone else then that's great! If it doesn't help you, that's okay, too. The great thing about parenting is that there's more than one way to do it.

Teaching my kids how to use email appropriately and effectively was not the topic of my article; it's a whole seperate topic unto itself, and certainly worthy of effort. I'm sure a lot of parents, geek or otherwise, would find value in such a piece. I suppose it's valid to remind parents that talking to their kids is as important as firewalling them from danger, but the tone of this comment struck me as accusatory, rather than constructive.

8 Comments

On Dec 14th, 2004 at 09:36pm Bob added:

I rather liked your article. A whitelist approach is perfectly sensible for kids.

On Dec 14th, 2004 at 11:36pm Elfboy added:

As a teacher of middle school students, I wish more parents did take such a proactive approach to ensuring safe and secure internet use for their children. In my experience most don't, and allow their kids to fend for themselves, either out of ignorance or laziness.

On Dec 15th, 2004 at 05:26pm DrBacchus added:

What a strange conclusion to come to. The notion of letting my daughter receive spam as an educational opportunity is rather absurd, particularly with the content of most of the spam out there these days. It's rather like signing my daughter up for pornographic magazines so that she can learn how to deal with them.

I block spam for myself. I block spam for my parents. I'm *sure* going to block spam for my daughter, if and when she gets her own email address. Ironically, her email-address-to-be *already* received hundreds of spam messages a day.

But, yes, many thanks for your article, and for the concern that it shows for your kids. Yes, of course we should try to firewall our kids from smut, hoaxes, and scams, for as long as we can, just as we should buckle them in car seats, make them wear helmets, and put warm coats on them when they go outside. Throwing kids out to fend for themselves is criminal, and people that act like it's "overprotecting" to take care of kids apparently either don't have kids, or will soon be bailing them out of jail.

On Dec 20th, 2004 at 07:02pm Anonymous added:

I definitely hope that you are not one of the over posessive parents out there, I know a 18 year old whose father just did the same as you did... need to draw the line somewhere...

On Dec 22nd, 2004 at 04:06am DrBacchus added:

You know an 18-year-old whose father provided a protective, nurturing environment for him to grow up in? Shock! Horror!

No wonder you're posting anonymously.

On Jan 3rd, 2005 at 03:03am DrBacchus added:

Skippy,
Thanks to your instructions, I've got white-listed email set up for my daughter. Thanks so much for the assistance.
One question: Do you ever get fake-from-addressed spam to any of these addresses?

On Jan 3rd, 2005 at 03:36am skippy added:

DrBacchus: I'm glad you got it working!

Spoofed sources will get through. I don't think too many people will want to intentionally spoof the source of their email just to send messages to my kids, but it's possible. More likely would be virus-infected Windows machines sending messages that slip through my whitelist. There's not much I can do to prevent that, unless I implement some sort of challenge-response authentication system for incoming messages. I'm not convinced that that will protect the kids much more, though, so I haven't pursued it.

I suppose I could compare the envelope FROM address with the message FROM address for messages destined to the kids, but that seems really complicated, and would likely cause as many problems as it solves.

I do, however, have myself aliased into their email addresses, so any message they receive, I receive. I've no particular interest in reading their mail (and have promised them, and my wife, that I won't do so without good reason), but I do want to be able to skim the senders and subjects of messages they receive, as an additional safety check.

On Jan 5th, 2005 at 12:34pm DrBacchus added:

Of course, your girls are older than mine. Up until now, her email address has simply come to me, and I've shown her whatever she's received. So, I suppose, I *have* been reading her email, and will probably continue to do so for another year or so. She's only just recently literate, after all. ;-)