On Nov 1, 2013, at 09:04 , Herbert Valerio Riedel wrote: > On 2013-11-01 at 08:55:23 +0100, John Wiegley wrote: >>>>>>> Elliot Wolk <[email protected]> writes: >> >>> yet another monthly reminder that haskell.org mails out my password in >>> plaintext in unencrypted email. >> >> Thanks! I've recently taken over email administration, so I will look into >> what can be done to resolve this. > > Fwiw, it's a common per-user setting[1], and most Mailman managed lists > I'm subscribed to have that on by default (and I can turn it off if I > wanted)
Correct, of the top of my head at least the freebsd, python, my university and any other mailman mailing list I'm subscribed to do this. In fact, the mailman signup page explicitly tells you "this password is stored/treated really insecurely, don't pick a valuable password". While I think this is an unfortunate issue in mailman, I don't think there's anything reasonable to do about it, short of switching mailing list program (and I'm not aware of any good alternatives). In short: 1) I agree it's unfortunate, 2) Mailman warns you that it does this, 3) I don't think the amount of trouble to fix this is worth it, so I would consider this a "won't fix" issue. Cheers, Merijn
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ haskell-infrastructure mailing list [email protected] http://community.galois.com/mailman/listinfo/haskell-infrastructure
