[Mailman-Users] Unsubscribe Using Web Form

Mark Sapiro mark at msapiro.net
Sat Nov 8 01:15:35 CET 2014


On 11/07/2014 03:28 PM, Greg Sims wrote:
> 
> Subscribe / Unsubscribe works well for the normal case thanks to your help.
> 
> (1) When I Unsubscribe an email address that does not exist, the result of
> Posting the form is:
> 
> --------
> Bug in Mailman version 2.1.12
...
> The error log is:
...
> admin(385):     raise Errors.NotAMemberError, member
> 
> admin(385): NotAMemberError: x at y.com
> The backtrace ends in a "NotAMemberError" which is exactly what happened.
> The "result" from the POST seems to be a bit off.  I need to determine the
> difference between success and failure looking at the result of the POST.
>  "we hit a bug!" is kind of a funny thing to match against.


Actually, this is a real bug. It is unlikely to occur in practice, but
it can happen if you visit the options page for a user and unsubscribe
and between retrieving the options page and unsubscribing, the user is
unsubscribed by another process, or more likely, you visit the options
page, unsubscribe and then use the browser's back button to go back and
unsubscribe again.

I will fix it.


> (2) It appears that the Subscription sequence always returns the contents
> of the file "subscribe.html".  Is this in fact always the case?  I tried to
> subscribe to email address "foo" and did not receive an error -- even
> though this is not a valid email address.  I suppose I could validate the
> email address format with my PHP code and provide user feedback.


If you post an address like 'foo' to the subscribe CGI, you should get a
result like

Listname Subscription results
The email address you supplied is not valid. (E.g. it must contain an `@'.)

The validation is somewhat primitive and syntactic only, but it should
refuse to subscribe a syntactically valid address.

Did 'foo' actually get added to your list?


> (3) It appears the Unsubscribe sequence I created allows for anyone to
> unsubscribe anyone else -- all they need to know is an email address that
> is subscribed to the list.


This is exactly why Mailman does not allow unsubscribes without
authentication or confirmation.


> This is as a result of using the list admin
> password in my PHP code.  I wish there was a way to pass the email address
> and password of the subscriber from a non-digest email to my PHP code via
> POST.  I tried turning personalization on.  It does not seem to be possible
> to place a <form> in the footer (or header?) of the email.  It also appears
> that mailman does not replace symbols in the body of an email.  This led me
> to believe the only way to accomplish passing the email address and
> password via POST is by writing a custom mailman filter that replaces the
> symbols -- likely in the body of an email.


But, unless you actually get the list password from the user, how can
you know that it is the actual user that submitted the request? Either
the user has to provide authentication or you have to do email
confirmation. Otherwise, anyone can unsubscribe anyone.


> Is there a simple way to get the subscribers password (and email address
> but less important) via POST from a non-digest email to my PHP code?  This
> ensures that someone using my Web Form can only unsubscribe the email
> address of a mailman email they received (or have access to).


I don't understand. If you mean you want to send the user's password to
the user in each non-digest list mail, if the list is personalized, the
string %(user_password)s in either msg_header or msg_footer will be
replaced by the user's password.

You can even craft a one-click unsubscribe link with something like

%(user_optionsurl)s?unsub=1&unsubconfirm=1&password=%(user_password)s

but any of that is a really bad idea. Sophisticated users don't like to
see their passwords mailed in plain text, and unsophisticated users
reply to and forward list messages without removing things like
unsubscribe links specific to them.


> (4) When I get this all sorted out, would you like me to write it up for a
> FAQ or something?  I would be happy to do this if you believe it is
> worthwhile.


It might be. It depends on what you arrive at.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
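The reply above insists that an unsubscribe form must either authenticate the user or do email confirmation, and that mailing the password itself is a bad idea. As an added example (not code from this thread, from Greg's PHP form, or from Mailman), the following Python shows the email-confirmation alternative: the form mails a time-limited, HMAC-signed link bound to one address and one list, and only the holder of that link can complete the unsubscribe. The list name, member set, server key and the https://lists.example.org URL are constructed for the demonstration; a real deployment would load the key from configuration and replace the in-memory member set with a call into Mailman's own membership API.

```python
import base64
import binascii
import hashlib
import hmac
import time
from urllib.parse import urlencode

# Constructed server-side key for the example; load it from config in practice.
SERVER_KEY = b"constructed-example-key-do-not-reuse"
TOKEN_TTL = 3600  # seconds a confirmation link stays valid


def make_unsub_token(address, listname, now=None, key=SERVER_KEY, ttl=TOKEN_TTL):
    """Build a time-limited confirmation token bound to one address and one list.

    The token carries address, list and expiry in the clear plus an HMAC over
    them, so it cannot be forged or re-targeted without the server key, and
    the subscriber's own password never appears in any mail.
    """
    now = int(time.time()) if now is None else int(now)
    payload = "%s|%s|%d" % (address.strip().lower(), listname, now + ttl)
    mac = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return base64.urlsafe_b64encode(("%s|%s" % (payload, mac)).encode()).decode()


def verify_unsub_token(token, listname, now=None, key=SERVER_KEY):
    """Return the address a token authorises, or None if it is invalid or expired."""
    try:
        raw = base64.urlsafe_b64decode(token.encode()).decode()
        payload, mac = raw.rsplit("|", 1)
        address, tok_list, exp = payload.rsplit("|", 2)
        exp = int(exp)
    except (ValueError, UnicodeDecodeError, binascii.Error):
        return None
    expected = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac, expected):  # constant-time comparison
        return None
    now = int(time.time()) if now is None else int(now)
    if tok_list != listname or now > exp:
        return None
    return address


class UnsubscribeGateway:
    """Two-step unsubscribe: request -> mailed link -> confirm.

    Stands in for the web form plus Mailman. Membership is a constructed
    in-memory set and "sending mail" appends to an outbox list.
    """

    def __init__(self, listname, members):
        self.listname = listname
        self.members = set(m.lower() for m in members)
        self.outbox = []         # (recipient, token, confirmation link)
        self.used_tokens = set()

    def request(self, address, now=None):
        """Step 1: mail a confirmation link, answering identically either way
        so the form does not reveal which addresses are subscribed."""
        address = address.strip().lower()
        if address in self.members:
            token = make_unsub_token(address, self.listname, now=now)
            link = "https://lists.example.org/unsub?%s" % urlencode({"token": token})
            self.outbox.append((address, token, link))
        return "If that address is subscribed, a confirmation link has been mailed to it."

    def confirm(self, token, now=None):
        """Step 2: honour a link once; a replayed link (the back-button case
        from the thread) and an address already gone are reported, not crashed on."""
        address = verify_unsub_token(token, self.listname, now=now)
        if address is None:
            return "invalid-or-expired"
        if token in self.used_tokens:
            return "already-used"
        self.used_tokens.add(token)
        if address not in self.members:
            return "not-a-member"
        self.members.discard(address)
        return "unsubscribed"


if __name__ == "__main__":
    gw = UnsubscribeGateway("testlist", ["alice@example.org"])
    print(gw.request("alice@example.org"))
    _, token, link = gw.outbox[0]
    print(link)
    print(gw.confirm(token), gw.confirm(token))
```

The single-use set is what turns the thread's "unsubscribe, press back, unsubscribe again" scenario into a clean "already-used" answer instead of a traceback, and the uniform response from `request` means an outsider who knows an address still cannot remove it, or even learn whether it is on the list.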

