[Mailman-Users] Re: cleartext passwords

[Tom Neff]

alex wetmore <alex at phred.org> wrote:
> From: "Tom Neff" <tneff at bigfoot.com>
> > I do NOT think that cleartext passwords should be mailed out en masse
> > as part of a monthly reminder cycle.  That is, over time, going to
> > degrade security and user confidence in the product.
>
> Mailman passwords should not be considered secure.  They are only a
> minor feature to prevent others from unsubscribing you.  The signup
> pages clearly say that users should not use valuable passwords.  Most
> people aren't running their mailman web over SSL, so the passwords are
> sent back to the server in cleartext.

This is a fallacious line of reasoning (and it's Mailman's fault, not
Alex's, for encouraging it).  Mailman is a conveyance, an application layer;
it should not be in the business of telling its users how secure their
content is, nor of making assumptions about what is considered important
enough to protect.

The fact that no email based security system is completely perfect does not
absolve Mailman of the responsibility to take common sense, easily
implementable steps to *improve* security where this can be done without
making it harder to use.

Mailman's authors and designers do not work this hard specifically to make
the best INSECURE mail manager out there - they just work to make a great
mail manager.  There is nothing about Mailman that inherently *requires*
poor security.  It just happens to be that way as of the current
incarnation.  Improving security will increase product acceptance.