Thank you everyone for your help and sharing all of this information. I found it very useful and further proof of the active and supportive Mailman community.
It sounds like, to summarize, the Mailman2 branch can lock down its passwords by: 1. disabling cron password reminders 2. increasing the warning in the UI about not using valuable passwords Mailman2 cannot change the following, however, without code changes: a. storing passwords unencrypted b. sending password reminder emails to list subscribers who request a reminder via the UI (is that right?). I'm not worried about (a), just trying to be thorough. Question: Can list admins request a password reminder email via the UI? In the UI I see that subscribers can but it doesn't look like list admins can. If that is true and a list admin/owner loses their password, does the Mailman site administrator have to fetch it for them? I'm thinking about the extra work (however small, as others have pointed out that admins rarely change their settings) this will put on our mailman administrator if there are 2k+ lists. Thanks to all for your prompt and wonderful responses, Geoff Mayes > -----Original Message----- > From: mailman-users-bounces+gmayes=uoregon....@python.org > [mailto:mailman-users-bounces+gmayes=uoregon....@python.org] On > Behalf Of C Nulk > Sent: Friday, January 20, 2012 9:39 AM > To: mailman-users@python.org > Subject: Re: [Mailman-Users] Thoughts about migrating to Mailman instead > of Sympa (from Majordomo) > > On 1/20/2012 8:48 AM, Carl Zwanzig wrote: > > On 1/20/2012 1:05 AM, Mailman Admin wrote: > >> On 2012-01-19 19:32, Geoff Mayes wrote: > >>> Does anyone know a way around the emailed passwords issue in > >>> Mailman, clever hacks, certain plugins, or a timeline for Mailman 3's > release? > >>> > >> You can stop the cronjob used to email reminders. > >> With this you don't email them to the users, but they will still be > >> saved in clear text in Mailman. > > > > You can also easily change the code to leave it out of the reminder. > > Or simplest of all, use the option on the General Settings page (under > Notifications) and turn off the monthly reminders. > > Chris > > > ------------------------------------------------------ > Mailman-Users mailing list Mailman-Users@python.org > http://mail.python.org/mailman/listinfo/mailman-users > Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: > http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail- > archive.com/mailman-users%40python.org/ > Unsubscribe: http://mail.python.org/mailman/options/mailman- > users/gmayes%40uoregon.edu ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
