[Mailman-Users] Using a different user authentication method?

[J C Lawrence]

On Mon, 23 Apr 2001 12:59:05 -0400 
Paul D Smith <pausmith at nortelnetworks.com> wrote:

> Does anyone have any pointers to readme's or FAQ's or howto's or
> old emails or anything like that which might point me along the
> way to replacing Mailman's current simple password based
> authentication mechanism with a different, customized one?

> I want to set up a Mailman server for our company, and one thing
> we have which is really nice is a well-maintained, comprehensive
> user login capability, complete with LDAP servers and SSL-secured
> tools to access them.  Mainly it's used to control access to
> sensitive intranet web sites, but it could easily be extended to
> provide authentication for Mailman.  This would be at once more
> secure and easier to use for our environment.

Note that you probably don't want to do this, as Mailman supports
email authentication, which would result in the passwords, possibly
to those sensitive intranet sites etc, being sent across the net in
plaintext.

Yeah, security envelopes are a bummer that way.

-- 
J C Lawrence                                       claw at kanga.nu
---------(*)                          http://www.kanga.nu/~claw/
--=| A man is as sane as he is dangerous to his environment |=--