Hey all...
Long story short. Friend of mine has been dealing with cancer for the past 5 years (two distinct types / diagnosis) He has been chronicling his story to fellow cyclists and friends via self built distribution lists using the built in mail client that comes with his windows machine. Needless to say, he has spent quite a bit of time in and out of hospitals for various surgeries, treatments, etc... mail is something that he has come to value. Cutting to the chase - I built him a server (contribs.org - formerly known as mitel / e-smith) that is imap capable. Centralized mail down - with a web interface. He can get to his mail when he doesn't have access to his laptop and his isp connection at home. Now... I mention to him that I ~believe~ that I can turn this same machine into a private list server as the folks that maintain the server (contribs.org) also maintain a fine collection of user contributed (hence the name) of rpm's for use as add-on packages. It is quite nice.
Fast forwarding... Indeed I do find a contrib - mailman - cool! I get it setup and installed per some documentaton that I found, get a list all configured and ready to roll. I e-mail Dave (my friend) to let him know that I feel that we are 'ready' to go live with this thing after having been testing / playing with it for a week or so to ensure that it is behaving the way that we want it to. It's private, reply to address has been altered to someone else other than the list, no-one can post to the list except the list owner and delegated moderators, list is kept private - only list owner can view subscribers, etc... it appears to be working perfectly. ;)
Then I find out that there was, at some point in the past, some bug that was discovered that would allow for e-mail addresses to be viewed / obtained in some fashion. Something about v2.1.3? Anyway... I start googling (quite a bit)... I do see information (although not much) about the purported issue and how it was patched with some back level patches or something to that effect. I discovered this list via aformention googling, and sure enough, I even came across another sme user who posted with a question back on the 4th of this month (Nov. '04 -- link here: http://mail.python.org/pipermail/mailman-users/2004-November/040616.html) Kind of panicky, and by no means any kind of *nix "guru" I ssh into the box running the list and 'locate' the mailman binaries (I had no idea where it installed itself to). Turns out to be /opt/mailman/bin - don't know if this is typical or not. I find a "version" fle in there, that judging by its "green" color is executable. I run it and it tells me that the version that I have is this:
[EMAIL PROTECTED] bin]# ./version Using Mailman version: 2.1.3
2.1.3 - ;( Do I have an issue?
Privacy on this list is something that Dave holds very dear due to the personal nature of the illness that I suspect many of his recipients are also dealing with. (he currently uses "bcc" for the bulk of the people that he posts to) Is there a means of testing this box to see if the existing list of addresses can be "harvested" There are only three addresses in it @present - mine as builder, Dave's as site owner and my wife ( we needed a guinea pig tester to ensure that she could not post back to the list, reveal e-mail address, etc... lol ) I don't care if those addresses get "harvested" as they are well known anyway.
Ok - so this wasn't so short. Sorry. Again - I'm no *nix guy. I'm just a guy who rides and races a bike (as in pedal variety) and happens to know a ~little~ bit about computers. I offered to help out a good friend of mine, and the local cycling club in general, and I would just like to make sure that this thing will be "ok" (ie; secure). (( realizing that secure and a forward facing gizmo on the public internet is kind of an oxymoron - but ya gotta at least do the best ya can, 'eh? ))
Thanks all.
-=- jd -=-
ps - Dave's site that another cyclist from the Syracuse, NY area put up for him is here (if anyone curious):
http://www.veloweb.org/davepanella
------------------------------------------------------ Mailman-Users mailing list [EMAIL PROTECTED] http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
