[Mailman-Users] How do I run 2.x mailman more securely?

Wed May 30 17:36:50 EDT 2018

I've been assigned the task of attempting to secure our current implementation of GNU MailMan.

Have any of you out there done this?

What did you do?

Some of the initial items that have been directed my way:

1.       Can archiving be totally and permanently be eliminated?

2.       How and where are the passwords stored?

3.       Can user passwords be eliminated and have the list administrator make any user adjustments which should not be necessary?

4.       Does the website have to run in http: since passwords are entered at points in the interactions?

Thanks for your guidance and thoughts.