[Mailman-Users] Restricting access to the pipermail archives
Mark Sapiro
mark at msapiro.net
Thu Aug 20 20:42:12 CEST 2015
On 08/20/2015 11:26 AM, Billy Crook wrote:
> It is not clear to me that archive_private controls access to the archive.
It does. Try it. If archive_private is 'public' there is a symlink from
archives/public/listname to archives/private/listname and a URL like
http://example.com/pipermail/listname will work without authentication.
If you set archive_private to 'private', that symlink is removed, the
pipermail URL won't work and the only access to the archive is via a URL
like http://example.com/mailman/private/listname which requires
authentication and which will be displayed the archive URL on the
listinfo page and in List-Archive: headers.
> My understanding is that archive_private is used to inform mailman that the
> email addresses visible in the archive should be presented differently
> depending if the archive will be made publicly accessible or not. i.e.
> munge the email addresses if there's a chance spambots can find them.
That is the Defaults.py/mm_cfg.py setting ARCHIVER_OBSCURES_EMAIL_ADDRESS.
> I would like to NOT munge the addresses, so they are useful to click on for
> my users. But I want all of the text of each archived message to be kept
> in secret on the server, viewable only by members of the list.
Set
ARCHIVER_OBSCURES_EMAIL_ADDRESS = No
in mm_cfg.py and set the list's archive_private to 'private.
> I would hope there was a more "supported" way to do this,...
Just do the above. That will do it.
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users
mailing list