[Mailman-Users] change links in mail footer to https

Sun Dec 10 15:19:34 EST 2017

> -----Original Message-----
> From: Mailman-Users [mailto:mailman-users-
> bounces+brian=emwd.com at python.org] On Behalf Of Mike Starr
> Sent: Sunday, December 10, 2017 1:18 PM
> To: mailman-users at python.org
> Subject: Re: [Mailman-Users] change links in mail footer to https
> 
> I'm inclined to agree with tlhackque. I'd venture a guess that a large
> percentage (perhaps even a majority) of Mailman users are provided with
> Mailman from their hosting company as the only mailing list tool
> available. The Mailman UI allows them to do the initial configuration
> and management but they're not, in most cases, even aware of python or
> shell script execution. It's completely foreign to them and most likely
> completely beyond their skill sets. They then come to this list for help
> and get told something in a language they don't understand and as this
> thread reveals, many hosting companies are completely uncooperative with
> respect to python and shell execution.
> 
> Of course, having monitored this list for several years, I'm totally
> impressed with the skill and knowledge of Mark Sapiro and others, and I
> do understand that Mailman is an open-source program for which (to the
> best of my knowledge) nobody gets paid to maintain. But it would
> certainly be nice is the Mailman UI could be improved to allow users to
> accomplish many of the things they seek help for here without having to
> spend weeks learning how to do python programming or shell script
> execution.
> 
> Best Regards,
> 
> Mike
> --
> Mike Starr, Writer
> Technical Writer   -    Online Help Developer   -   WordPress Websites
> Graphic Designer - Desktop Publisher - Custom Microsoft Word templates
> (262) 694-1028   -  mike at writestarr.com   -  http://www.writestarr.com
> 
> On 12/10/2017 11:42 AM, tlhackque via Mailman-Users wrote:
> > On 09-Dec-17 14:06, Mark Sapiro wrote:
> >> On 12/09/2017 10:40 AM, Chip Davis wrote:
> >>> That's all well and good Mark, but surely you know that any fix that
> >>> involves issuing a shell command is useless for those of us responsible
> >>> for lists on a shared server running cPanel (or equivalent).
> >> The OP indicated that he had changed DEFAULT_URL_PATTERN. If he can
> do
> >> that, he can run fix_url.
> > That is not necessarily true.
> >
> > On a cPanel-managed website that I support, the "File manager" provides
> > an editor, which allows any text file to be edited.  And you can set 'x'
> > permission.  But there is no shell access, and no straightforward way to
> > execute a file.  (If you're clever and sufficiently motivated, you can
> > setup a temporary cron job or modify some source file.)
> >
> > I've had similar issues with people using wiki software; in that case,
> > the solution was to add a carefully-protected admin option to allow a
> > very privileged admin to run a shell command (e.g. system(...)).  As a
> > developer, I was not enthusiastic - but it seems that a significant
> > number of people are stuck with hosts that don't provide shell access.
> > Of course, my first reaction was "change hosting provider" - but there
> > were many "I can't" - though the reasons varied.
> >
> > You might consider adding a super-user menu to allow users to run
> > withlist; fix_url; etc without shell access.  Or an admin privilege that
> > can be granted to selected list managers.  If not for MM2, for MM3.
> >
> > If you don't want to support mailman in environments without shell
> > access, at a minimum, put a big warning in the install docs that
> > "administration and maintenance of a mailman site requires shell
> > access".  It shouldn't be a requirement that's discovered later.
> >
> >
> >
> >
> > ------------------------------------------------------
> > Mailman-Users mailing list Mailman-Users at python.org
> > https://mail.python.org/mailman/listinfo/mailman-users
> > Mailman FAQ: http://wiki.list.org/x/AgA3
> > Security Policy: http://wiki.list.org/x/QIA9
> > Searchable Archives: http://www.mail-archive.com/mailman-
> users%40python.org/
> > Unsubscribe: https://mail.python.org/mailman/options/mailman-
> users/mike%40writestarr.com
> 
> ------------------------------------------------------
> Mailman-Users mailing list Mailman-Users at python.org
> https://mail.python.org/mailman/listinfo/mailman-users
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Security Policy: http://wiki.list.org/x/QIA9
> Searchable Archives: http://www.mail-archive.com/mailman-
> users%40python.org/
> Unsubscribe: https://mail.python.org/mailman/options/mailman-
> users/brian%40emwd.com

Well let's not give all hosting providers a black eye. We run all kinds of admin tasks on behalf of our mailman clients. As for using SSL, it is time consuming moving a large number of lists on various domains to use SSL. We run our mailman lists on cPanel servers with the default http setup. Since there is a growing demand for SSL connections we are moving our clients to use SSL. We already offer free SSL certificates so this move fits quite well with that.

The problem with shell access and mailman, is that mailman server changes requires root access and what ever changes are made to the mailman server itself impacts all mailing lists. So those of you who use mailman on a shared hosting environment should never be given shell access to mailman. 

I do not agree that mailman users need or require shell access. What is being asked here in regards to SSL is at this moment a preference not a need. Perhaps the developers of the MM 2.1 branch can add some additional functionality to the mailman list admin interface to turn on or off SSL connections. I know you can do this with WordPress quite easily. Another path is make a feature request with cPanel, Inc. to add some sort of function to add SSL functionality to Mailman lists.

Brian Carpenter
Owner

Providing Cloud and Mailman Services and more for over 15 years.

E: brian at emwd.com
www.emwd.com