[Mailman-Developers] Monthly reminder sent by mailman-owner considered harmful
Harald Meland
Harald.Meland@usit.uio.no
04 Jun 1999 17:36:59 +0200
[Bart Schaefer]
> I just received my first "mailing list memberships reminder" from a
> mailman list. I asked the list admin about it, and he replied:
>
> > Each mailman installation optionally sends a single message covering
> > all the mailing lists controlled by that installation, once per
> > month. The option is controlled by the list administrators, though;
> > not by the individual users. I could turn it off, but then I'd have
> > to turn it off for everyone.
>
> I strongly suggest that this become a per-subscriber configurable
> item.
I think it probably will -- but not until after v1.0 is out.
> Consider the possibility that I, unaware that this is going to take
> place, subscribe an address that represents a local exploder. At
> some later time everyone on that local list is going to be given my
> password, possibly without my personally being aware it has happened
> (if I don't happen to be on the list myself).
If you're adding other people's addresses, then how would they be able
to unsubscribe later -- unless they have som way for getting at the
password.
I think the correct solution to this problem is for you _not_ to use
"your" password unless it really is one of "your" addresses you're
adding.
--
Harald