On Sat, 19 Sep 2020 at 13:07, Mark Sapiro <m...@msapiro.net> wrote: > >> I'm pretty sure that at least for now I[1] can configure a system to > >> run Mailman 2 so that none of the above matters (eg, have the web > >> server and MTA speak TLS so that Mailman doesn't have to), but I'm not > >> confident that will last for very long. > >> > > > > I'm pretty sure that's pure FUD. I'm not the expert on mailman that most > > of you are, but I can think of no reason for mailman itself to ever speak > > HTTP or SMTP, and therefore no reason for it to need to do TLS. I'd be > > very surprised at anyone running a mailman setup where there wasn't a web > > server and an MTA sitting between mailman and the rest of the Internet. > Am > > I wrong about that? > > > I think that was exactly Steve's point. >
Then why say that he's not confident he'll be able to keep MM2 from speaking TLS for long? Why is he only "pretty sure" that he can configure mm2 in such a way that it doesn't need to speak TLS? Those statements make no sense to me, and are the reason I called this email out as FUD. > Does mailman even include its own web server? I didn't think it did. > > No, it doesn't. It does however do SMTP to an MTA that isn't necessarily > on localhost, so TLS can be an issue there. > Okay, so it's possible to set up so that it needs to speak TLS, but by no means is there any event approaching that's going to make that necessary. ------------------------------------------------------ Mailman-Users mailing list -- mailman-users@python.org To unsubscribe send an email to mailman-users-le...@python.org https://mail.python.org/mailman3/lists/mailman-users.python.org/ Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/ https://mail.python.org/archives/list/mailman-users@python.org/
