RE: [Mailman-Users] Stop the Confirmation E-Mail
Jon wrote: >I don't think anyone on Mailman-dev wants to encourage the bad practice >of allowing folks to be subscribed without their approval (except by the >list admin), so don't look for this feature to be changed in MMv3. This may be slightly off this particular topic, but I run several mailman lists with the options: o) Administrator approval is required for all subscriptions o) No confirmation is required for subscriptions These are relatively "closed" communities of nontechnical people, where the administrator has tight connections to the subscribers and there is some "offline" or "unstructured" confirmation that occurs outside of Mailman itself. The problem I've been having is that there doesn't seem to be a way for the LIST ADMIN to change a subscriber's e-mail address without a confirmation (unless one goes through a subscribe/unsubscribe which risks changing user options and the user password). For these particular communities we really do not want confirmation required -- and if it's not required for the initial subscription, why is it required for the address change? Or am I missing something? Thanks! -Nancy [Mailman "user" in the sense of list administrator -- I've no control over the installation. Mailman version 2.1.1] -- Mailman-Users mailing list [EMAIL PROTECTED] http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Re: [mailman-users] member-only lists and non-member postings
At 11:42 AM 3/5/04 -0500, Dean Karres wrote: >Two days ago we received several spam / virus loaded messages from >obviously fake non-members on a few of our mailing lists. All were >stopped and discarded -- except two. Those two messages were aimed at >out largest mailing list. In the last 48 hours, two messages with faked (nonmember) addresses and virus attachments got through to our member-only lists. Between the first and second attack, I changed the administrator and moderator passwords and I haven't shared the new passwords with anyone. One of the lists is *very* tightly controlled and none of the 3 folks who could post without moderation has reported their system being compromised. The logfiles show nothing but the messages going through as if they had been from unmoderated members of the list (but the sender in the logfile is clearly a nonmember). I don't see anything in the headers of the messages that would indicate why they bypassed the moderator. While this doesn't answer Dean's question about how to compare the configurations of two lists, my gut is telling me the lists are properly configured and something else is going on. Any clues would be appreciated. Thanks! -Nancy -- Mailman-Users mailing list [EMAIL PROTECTED] http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
