[Mailman-Users] Emergency mail to everyone?
Larry Stone
lstone19 at stonejongleux.com
Wed Jan 17 17:50:55 CET 2007
On Wed, 17 Jan 2007, Mark Sapiro wrote:
> Paul Tomblin wrote:
> >
> >You mean that if people used the Approve: header that Mailman doesn't
> >strip it out before it sends it? That seems like a huge security hole.
>
> No I don't mean that. It is removed whether or not the password is
> valid. When I said "This is intentional to discourage sending the site
> password in the clear in email." I meant in the email TO the list. The
> header won't be in the mail FROM the list.
But it also minimizes the risk of accidental disclosure of the site
password. I assume if Approved was misspelled in a header or as the first
line of the message, it would be included in the message if it was
susequently approved by a moderator or met other critieria for not needing
moderation.
-- Larry Stone
lstone19 at stonejongleux.com
More information about the Mailman-Users
mailing list