[Mailman-Users] Server Side Includes
Richard Barrett
R.Barrett at ftel.co.uk
Mon Apr 15 17:44:39 CEST 2002
At 23:55 15/04/2002 +0900, Ben Gertzfield wrote:
>On Monday, April 15, 2002, at 11:30 , Timothy Murphy wrote:
>
>>While I am an enthusiastic user of mailman,
>>doesn't majordomo still have a well-defined usage,
>>for essentially private lists like committee minutes?
>>
>>This is a genuine question --
>>am I right in assuming that mailman lists are by their nature
>>publicly available?
>
>Not at all. At UC Santa Cruz, I set up several Mailman lists that were
>private for just this purpose (committee announcements and minutes) in the
>School of Engineering.
>
>You can get privacy in one of two ways, depending on what your needs are:
>
>1) Do not archive. Each list can be set to archive or not to archive
>within the list's web admin interface.
>
>2) Set up your web server to require a password or IP/hostname match (or
>both) to allow access to /pipermail/listname/ for each list you want to
>protect.
>
>I did either or both of these as needed.
>
>Ben
Surely, if you are using the built-in pipermail archiver, you can also set
a list's archive to private on the Archive Options web GUI admin page. The
list archives are then not available through the /pipermail/ URI path
element but are accessed via the /mailman/private/ path which is serviced
by the $prefix/Mailman/Cgi/private.py script. This script uses cookie
authentication for which the user credentials are the list member's mail
address and their associated list password and restricts archive access to
list members only.
As just a small plug, this archive security is also preserved in the same
way when the mailman-htdig patches posted on sourceforge are used to
provide per list archive search.
More information about the Mailman-Users
mailing list