Re: SSL and Mailman?, was Re: Mailing Lists
Hello! On Sun, Nov 11, 2001 at 10:02:10AM +1100, Craig Sanders wrote: ... you should be able to do that in your apache configuration - either deny access to unencrypted connections or send a redirect to the encrypted URL. ... Eric Jennings yet sent kindly the recipe :) And I rushed to implement it, when I realized that for survival reasons I am using the boa web server. it's not really mailman's job to do that. ... You are surely right, but, is there another boa-like small|fast web server which supports ssl? Is there some ssl-cgi-sandwich which allows to use ssl on servers that do not have built in support? Not really problems I have to live with right now, but I wonder,... Best Regards, Jorge-León -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: SSL and Mailman?, was Re: Mailing Lists
On Mon, Nov 12, 2001 at 10:34:57PM -0600, [EMAIL PROTECTED] wrote: Hello! On Sun, Nov 11, 2001 at 10:02:10AM +1100, Craig Sanders wrote: ... you should be able to do that in your apache configuration - either deny access to unencrypted connections or send a redirect to the encrypted URL. ... Eric Jennings yet sent kindly the recipe :) And I rushed to implement it, when I realized that for survival reasons I am using the boa web server. it's not really mailman's job to do that. ... You are surely right, but, is there another boa-like small|fast web server which supports ssl? Is there some ssl-cgi-sandwich which allows to use ssl on servers that do not have built in support? stunnel is your friend. Tim -- Tim Sailer (at home) Coastal Internet, Inc. Network and Systems Operations PO Box 671 http://www.buoy.comRidge, NY 11961 [EMAIL PROTECTED][EMAIL PROTECTED] (631) 924-3728 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: SSL and Mailman?, was Re: Mailing Lists
Hello! On Sun, Nov 11, 2001 at 10:02:10AM +1100, Craig Sanders wrote: ... you should be able to do that in your apache configuration - either deny access to unencrypted connections or send a redirect to the encrypted URL. ... Eric Jennings yet sent kindly the recipe :) And I rushed to implement it, when I realized that for survival reasons I am using the boa web server. it's not really mailman's job to do that. ... You are surely right, but, is there another boa-like small|fast web server which supports ssl? Is there some ssl-cgi-sandwich which allows to use ssl on servers that do not have built in support? Not really problems I have to live with right now, but I wonder,... Best Regards, Jorge-León
Re: SSL and Mailman?, was Re: Mailing Lists
On Mon, Nov 12, 2001 at 10:34:57PM -0600, [EMAIL PROTECTED] wrote: Hello! On Sun, Nov 11, 2001 at 10:02:10AM +1100, Craig Sanders wrote: ... you should be able to do that in your apache configuration - either deny access to unencrypted connections or send a redirect to the encrypted URL. ... Eric Jennings yet sent kindly the recipe :) And I rushed to implement it, when I realized that for survival reasons I am using the boa web server. it's not really mailman's job to do that. ... You are surely right, but, is there another boa-like small|fast web server which supports ssl? Is there some ssl-cgi-sandwich which allows to use ssl on servers that do not have built in support? stunnel is your friend. Tim -- Tim Sailer (at home) Coastal Internet, Inc. Network and Systems Operations PO Box 671 http://www.buoy.comRidge, NY 11961 [EMAIL PROTECTED]/[EMAIL PROTECTED] (631) 924-3728
Re: SSL and Mailman?, was Re: Mailing Lists
On Fri, Nov 09, 2001 at 09:22:17AM -0600, [EMAIL PROTECTED] wrote: I'm using mailman, but only at a *very* small scale. While beeing satisfied about the ease of configuration and managment of the lists, I am worried about the fact, that the list administrator is sending the list password in cleartext over the net when logging in. Of course I give the admins the advice to use https:// instead of http:// when logging in, but mailman does not enforce it. you should be able to do that in your apache configuration - either deny access to unencrypted connections or send a redirect to the encrypted URL. I think of diving into the code some day to see into it, but maybe I'm too paranoid or you have yet a solution to this... it's not really mailman's job to do that. craig -- craig sanders [EMAIL PROTECTED] Fabricati Diem, PVNC. -- motto of the Ankh-Morpork City Watch -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: SSL and Mailman?, was Re: Mailing Lists
On Fri, Nov 09, 2001 at 09:22:17AM -0600, [EMAIL PROTECTED] wrote: I'm using mailman, but only at a *very* small scale. While beeing satisfied about the ease of configuration and managment of the lists, I am worried about the fact, that the list administrator is sending the list password in cleartext over the net when logging in. Of course I give the admins the advice to use https:// instead of http:// when logging in, but mailman does not enforce it. you should be able to do that in your apache configuration - either deny access to unencrypted connections or send a redirect to the encrypted URL. I think of diving into the code some day to see into it, but maybe I'm too paranoid or you have yet a solution to this... it's not really mailman's job to do that. craig -- craig sanders [EMAIL PROTECTED] Fabricati Diem, PVNC. -- motto of the Ankh-Morpork City Watch
Re: SSL and Mailman?, was Re: Mailing Lists
In your Apache httpd.conf file, under the VirtualHost block that handles your mailman config, force Apache to use https instead of http, even when somebody types in http. You do it by adding the below 2 lines: (you have to have mod_rewrite compiled and installed in your Apache daemon) RewriteEngine on RewriteRule ^/(.+) https://www.somedomain.com/cgi-bin/mailmanconfig [R,L] HTH- Eric Hello! I'm using mailman, but only at a *very* small scale. While beeing satisfied about the ease of configuration and managment of the lists, I am worried about the fact, that the list administrator is sending the list password in cleartext over the net when logging in. Of course I give the admins the advice to use https:// instead of http:// when logging in, but mailman does not enforce it. I think of diving into the code some day to see into it, but maybe I'm too paranoid or you have yet a solution to this... Any thoughts? Jorge-León On Thu, Nov 08, 2001 at 01:59:51PM +, Martin WHEELER wrote: On Thu, 8 Nov 2001, Andre Luis Lopes wrote: Em Qui 08 Nov 2001 10:19, Craigsc escreveu: ... It's worth it for the web-based administration and archiving alone. ... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: SSL and Mailman?, was Re: Mailing Lists
In your Apache httpd.conf file, under the VirtualHost block that handles your mailman config, force Apache to use https instead of http, even when somebody types in http. You do it by adding the below 2 lines: (you have to have mod_rewrite compiled and installed in your Apache daemon) RewriteEngine on RewriteRule ^/(.+) https://www.somedomain.com/cgi-bin/mailmanconfig [R,L] HTH- Eric Hello! I'm using mailman, but only at a *very* small scale. While beeing satisfied about the ease of configuration and managment of the lists, I am worried about the fact, that the list administrator is sending the list password in cleartext over the net when logging in. Of course I give the admins the advice to use https:// instead of http:// when logging in, but mailman does not enforce it. I think of diving into the code some day to see into it, but maybe I'm too paranoid or you have yet a solution to this... Any thoughts? Jorge-León On Thu, Nov 08, 2001 at 01:59:51PM +, Martin WHEELER wrote: On Thu, 8 Nov 2001, Andre Luis Lopes wrote: Em Qui 08 Nov 2001 10:19, Craigsc escreveu: ... It's worth it for the web-based administration and archiving alone. ... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]