[Mailman-Users] Expected behavior with password reminder?
Mark Sapiro
mark at msapiro.net
Mon Oct 18 13:29:24 CEST 2010
Hung Phan wrote:
>
>While we testing the password reminder feature, we discover that a user asking for password reminder from a specific list that s/he isn't a member of that list, s/he still receives the message "A reminder of your password has been emailed to you." Is this an expected behavior?
If the list's Privacy options... -> Subscription rules ->
private_roster attribute is set to Anyone (i.e. if the list membership
roster is public), a non-member requesting a reminder will be told "No
such member". Otherwise, the user gets the same message whether or not
she is a member to prevent using the reminder request to "fish" for
list membership.
On the "never to be released" branch at
<https://code.launchpad.net/~mailman-coders/mailman/2.2>, the message
is changed to "If you are a list member, your password has been
emailed to you.", but it has not been changed on the 2.1 branch for
i18n reasons.
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users
mailing list