[Mailman-Users] Message IDs & Security
Brad Knowles
brad at stop.mail-abuse.org
Thu Aug 24 03:30:21 CEST 2006
At 10:23 PM +0000 2006-08-23, Jon Loose wrote:
> On looking at the downloadable archives, the message ids are very long
> indeed (over 100 characters). I took a look at the same file for this
> list, and the ids seem shorter. Is there any way to get shorter message
> ids?
Not without changing the Mailman source code, no.
> Also, as regards security, I would appreciate recommendations of the
> simplest way to set up a postfix/mailman system with https on apache2.
> I've seen the FAQ and am still struggling to get my head around it.
The simplest stuff I know of is already in the documentation and the
FAQ. If you know of better, or can find better, please let us know.
> Finally, what is the overall security level of mailman, given that
> passwords are sent out in monthly reminders to the individuals
> concerned? If the answer is "not very secure", are there plans to
> change this?
I would say that the overall security level of Mailman is moderate,
if you configure the system so that all web interaction happens over
SSL-encrypted connections. Otherwise, it would be lower.
Yes, there are plans to improve this -- see
<http://wiki.list.org/display/DEV/Mailman+2.2>.
--
Brad Knowles, <brad at stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
Founding Individual Sponsor of LOPSA. See <http://www.lopsa.org/>.
More information about the Mailman-Users
mailing list