[Mailman-Users] How hard is it to spoof an email?

2006-01-29 Thread Jp Possenti
How hard would it be for someone to maliciously start sending all the users
in my list emails or start deleting people from it by sending bounce errors
or by spoofing the admin email and start emailing everyone on the list?
Is this a common problem, or is mailman secure about it? What are some ways
to help avoid any problems?
Please explain carefully and with plenty of details as I am still figuring
things out.
 
Kind regards,
 
Jp
--
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp


Re: [Mailman-Users] How hard is it to spoof an email?

2006-01-29 Thread Mark Sapiro
Jp Possenti wrote:

>How hard would it be for someone to maliciously start sending all the users
>in my list emails or start deleting people from it by sending bounce errors
>or by spoofing the admin email and start emailing everyone on the list?


It all depends on how your list is set up.


>Is this a common problem, or is mailman secure about it? What are some ways
>to help avoid any problems?


Go to the FAQ wizard
>Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
and search for spoof.

-- 
Mark Sapiro <[EMAIL PROTECTED]>       The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan



Re: [Mailman-Users] How hard is it to spoof an email?

2006-01-29 Thread Jp Possenti
I have a couple of questions regarding that FAQ link:

1. Setting the max_num_recipients to 1 will mean that any time I make a
newsletter to the public, I need to login and approve that request, correct?

I am just confused about the wording of the command. Does that mean that the
message will go through but just to 1 person in the list and the other say
499 people will not receive it?

I apologize for the ignorance.

2.  For setting everyone's moderation bit on, I can figure that out as it's
an option under General -> Additional settings. But for the second part
regarding posting using an approved:header I don't see that option anywhere.
How would this work?


Kind regards,
 
Jp



Re: [Mailman-Users] How hard is it to spoof an email?

2006-01-29 Thread Mark Sapiro
Jp Possenti wrote:

>I have a couple of questions regarding that FAQ link:
>
>1. Setting the max_num_recipients to 1 will mean that any time I make a
>newsletter to the public, I need to login and approve that request, correct?


Maybe. See below.


>I am just confused about the wording of the command. Does that mean that the
>message will go through but just to 1 person in the list and the other say
>499 people will not receive it?


No, it means that any message sent to the list with more than 0
(1 or more) addresses in the To: and Cc: headers combined will be held
for moderator approval unless it contains an Approved: header.

Note that it is quite possible to send a message with 0 addresses in
To: and Cc: which is why if you choose this option, you need to also
set require_explicit_destination to Yes so that posts with 0
recipients will be held too.


>2.  For setting everyone's moderation bit on, I can figure that out as it's
>an option under General -> Additional settings.


Actually that's emergency moderation. Normally what you do is set
default_member_moderation to Yes on Privacy options...->Sender filters
so new members are moderated and then set all existing members
moderated under Additional Member Tasks on Membership
Management...->Membership List.


>But for the second part
>regarding posting using an approved:header I don't see that option anywhere.


This works with either option above. It is not a list setting. In order
to bypass moderation of a post that would normally be held for any of
the above reasons, you can put a header

Approved: list_password

in the message you send to the list. You can also put this in the first
line of the body of the post (as long as it's plain text). The header
will be removed, and as long as the list_password is correct, the post
will bypass the hold and will be delivered directly to the list.

-- 
Mark Sapiro <[EMAIL PROTECTED]>       The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
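The hold decision Mark describes above (max_num_recipients, require_explicit_destination and the Approved: header bypass), written out as an added example. This is not Mailman's own code: LIST_ADDRESS, LIST_PASSWORD, the SETTINGS dict, hold_reason() and the sample posts are all constructed for illustration, and the password comparison mirrors only the behaviour stated in the thread.

```python
# Added example, not Mailman's own code: the hold decision Mark describes
# (max_num_recipients, require_explicit_destination, Approved: header).
# LIST_ADDRESS, LIST_PASSWORD, SETTINGS and the sample posts are constructed.
import hmac
from typing import Optional
from email import message_from_string
from email.message import Message
from email.utils import getaddresses

LIST_ADDRESS = "announce@example.com"   # constructed
LIST_PASSWORD = "correct-horse"         # constructed; stands in for the list password
SETTINGS = {
    # Mailman semantics: a post with this many recipients OR MORE is held;
    # 0 means no ceiling. The FAQ advice discussed in the thread is 1.
    "max_num_recipients": 1,
    # Hold posts whose To:/Cc: do not name the list (catches 0-recipient posts).
    "require_explicit_destination": True,
}


def explicit_addresses(msg: Message):
    """All addresses in To: and Cc: combined, as the list manager sees them."""
    fields = msg.get_all("to", []) + msg.get_all("cc", [])
    return [addr.lower() for _, addr in getaddresses(fields) if addr]


def hold_reason(msg: Message, settings=SETTINGS) -> Optional[str]:
    """Why the post would be held for moderator approval, or None if it goes out.

    The Approved: header is always deleted, even when the password is wrong,
    so it can never be delivered to subscribers. Only a correct password
    bypasses the holds below.
    """
    approved = msg.get("approved")
    if approved is not None:
        del msg["approved"]
        # constant-time comparison; isascii() guards compare_digest's str rule
        if approved.isascii() and hmac.compare_digest(approved.strip(), LIST_PASSWORD):
            return None

    recipients = explicit_addresses(msg)
    ceiling = settings["max_num_recipients"]
    if ceiling > 0 and len(recipients) >= ceiling:
        return f"too many recipients ({len(recipients)} >= {ceiling})"
    if settings["require_explicit_destination"] and LIST_ADDRESS not in recipients:
        return "list address not in To: or Cc:"
    return None


def build_samples() -> dict:
    """Constructed posts covering the cases discussed in the thread."""
    def post(extra_headers: str) -> Message:
        return message_from_string(
            f"From: jdoe@example.com\nSubject: test\n{extra_headers}\nbody\n")
    return {
        "normal": post("To: announce@example.com\n"),
        "bcc_only": post(""),                                   # 0 addresses in To:/Cc:
        "approved": post("To: announce@example.com\nApproved: correct-horse\n"),
        "bad_password": post("To: announce@example.com\nApproved: wrong\n"),
        "many": post("To: announce@example.com\nCc: a@example.org, b@example.org\n"),
    }


if __name__ == "__main__":
    for name, msg in build_samples().items():
        print(f"{name:13s} -> {hold_reason(msg) or 'delivered'}")
```

With max_num_recipients at 1 and require_explicit_destination on, the "normal" post is held for having one recipient and the "bcc_only" post is held for naming none, which is the combination Mark recommends; only the post carrying the correct Approved: header goes straight out, and in every case the header itself is gone before delivery.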



Re: [Mailman-Users] How hard is it to spoof an email?

2006-01-29 Thread JC Dill
Jp Possenti wrote:
> I have a couple of questions regarding that FAQ link:
> 
> 1. Setting the max_num_recipients to 1 will mean that any time I make a
> newsletter to the public, I need to login and approve that request, correct?

The number of "recipients" is the number of addresses in the email you 
compose.  When you sent this message (that I'm replying to), you 
addressed it to mailman-users@python.org which is just ONE recipient. 
(To the mailman server, this message had only one recipient.)  If you 
had sent this message to mailman-users@python.org and also to the author 
of the message you were replying to (via To or CC), then to the mailman 
server this message would have had two recipients.

The max_num setting is used to help prevent users from sending messages 
addressed "to" (or "cc") many different addresses in a single message. 
In most cases such messages are not messages you want distributed to your 
list.  This setting is usually used for discussion lists and the default 
is left alone for announcement lists because you control who and how the 
posts go to your list by using moderation and approved passwords, rather 
than by limiting the number of recipients in the initial email.

> I am just confused about the wording of the command. Does that mean that the
> message will go through but just to 1 person in the list and the other say
> 499 people will not receive it?

No, it does not do that and there is no setting to do that.

> 2.  For setting everyone's moderation bit on, I can figure that out as it's
> an option under General -> Additional settings. But for the second part
> regarding posting using an approved:header I don't see that option anywhere.
> How would this work?

I just updated the announcement list FAQ:



to include:


   The approved header or first line has the following format:

Approved: 

   If you are using this on the first line of your post, follow it
   with a blank line.  Mailman will recognize it as the "header" and
   remove it from the body. Follow it with a blank line because the
   line following the Approved: line is removed too (in Mailman 2.1.4
   anyway).


I don't know how HTML formatting and other email client oddities may 
affect using the approved header in the first line of your post so I 
can't be certain that this will work perfectly for you on your first 
try.  I've seen it happen where someone got confused, didn't use the 
approved header as a first line correctly, then approved the message 
using the web interface only to discover their message distributed to 
the whole list with the password included in the message.  So it's 
usually a good idea to use a test list with 2 or 3 subscribers and 
practice using the "first line of your post" approved password system a 
few times so you can be sure that it works as you expect before you try 
to use it on a large distribution list.

jc


Re: [Mailman-Users] How hard is it to spoof an email?

2006-01-29 Thread Jim Popovitch
Jp Possenti wrote:
> How hard would it be for someone to maliciously start sending all the users
> in my list emails or start deleting people from it by sending bounce errors

It's not hard at all.  In fact it's quite easy.  This is because the raw 
archive data is available to the public.  See this FAQ: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq04.066.htp

> or by spoofing the admin email and start emailing everyone on the list?

That's not hard at all either, although you probably shouldn't have your 
admin email as a list member.  Of course, the spammer could just use any 
of your subscribers' email addresses including the valid ones that 
haven't posted in 4 years (*cough*, *cough*).  See the recent "Verifying 
posts" thread.

> Is this a common problem, or is mailman secure about it? What are some ways
> to help avoid any problems?

Use an MTA that supports DKIM and/or SPF.  These standards help to 
verify who the sender is.  So if [EMAIL PROTECTED] posts to your list, SPF 
will verify that the email came from an approved aol.com server, not 
something like 24.16.8.101-home.dsl.cox.net.  DKIM takes it a step 
further and adds an encrypted email header "key" that is carried with 
the email during its entire journey through multiple servers.  This key 
enables every "hop" to validate the email, whereas SPF is just 
point-to-point validation based on email header info (which can very 
easily be modified in transit).

> Please explain carefully and with plenty of details as I am still figuring
> things out.

Heck, that should be SOP for everyone.  ;-)

-Jim P.
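The point-to-point SPF check Jim describes, as an added example that is not part of the thread and not the code of Mailman or any MTA. The TXT and A records are constructed stand-ins for DNS answers so the block runs offline, and check_spf() implements only a teaching subset of the RFC 7208 mechanisms (ip4, ip6, a, all); include:, mx: and redirect= are left out.

```python
# Added example, not Mailman's or any MTA's code: evaluating an SPF record
# against the IP that connected, i.e. the point-to-point check Jim describes.
# SPF_RECORDS and A_RECORDS are constructed stand-ins for DNS answers so the
# code runs offline; a real MTA resolves them. Teaching subset of RFC 7208:
# ip4, ip6, a and all only; include:, mx: and redirect= are omitted.
import ipaddress

SPF_RECORDS = {   # constructed TXT records
    "example.com": "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 a:mail.example.com -all",
    "example.org": "v=spf1 ip4:198.51.100.10 ~all",
}
A_RECORDS = {"mail.example.com": ["203.0.113.5"]}   # constructed A records
RESULT_FOR_QUALIFIER = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(domain: str, client_ip: str) -> str:
    """SPF result for mail claiming `domain` as its MAIL FROM domain and
    arriving from `client_ip`: pass, fail, softfail, neutral or none."""
    record = SPF_RECORDS.get(domain)
    if record is None or not record.lower().startswith("v=spf1"):
        return "none"            # no (valid) record published: nothing to check
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        qualifier = "+"          # a mechanism without a prefix means "+"
        if term[0] in RESULT_FOR_QUALIFIER:
            qualifier, term = term[0], term[1:]
        mechanism, _, arg = term.partition(":")
        mechanism = mechanism.lower()
        if mechanism == "all":
            matched = True
        elif mechanism in ("ip4", "ip6"):
            network = ipaddress.ip_network(arg, strict=False)
            matched = ip.version == network.version and ip in network
        elif mechanism == "a":
            host = arg or domain
            matched = any(ipaddress.ip_address(a) == ip for a in A_RECORDS.get(host, []))
        else:
            continue             # mechanism outside this subset: skipped here
        if matched:
            return RESULT_FOR_QUALIFIER[qualifier]
    return "neutral"             # fell off the end without an "all" term


def would_accept(domain: str, client_ip: str) -> bool:
    """A receiving policy that rejects only hard fails (a common choice)."""
    return check_spf(domain, client_ip) != "fail"


if __name__ == "__main__":
    for dom, ip in [("example.com", "192.0.2.77"), ("example.com", "198.51.100.10"),
                    ("example.org", "10.0.0.1"), ("example.net", "10.0.0.1")]:
        print(f"{dom:12s} from {ip:15s} -> {check_spf(dom, ip)}")
```

Note that SPF is evaluated against the envelope sender of the hop that delivered the mail. Mailman resends list traffic with its own envelope sender (the list's -bounces address), so a subscriber's MTA checks the list host's record, not the original poster's; that is the "point-to-point" limitation Jim contrasts with DKIM, whose signature is meant to survive the relay.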




Re: [Mailman-Users] How hard is it to spoof an email?

2006-01-29 Thread Jp Possenti
So basically what you are saying is that Mailman is very insecure? (in
short)

You say I should not have my admin email as a list member. By that you mean
"[EMAIL PROTECTED]" which is the default address as the admin?

If so then what am I supposed to create, and why would creating one make a
difference?

Also which email clients support the KIM and/or SPF standards?

Kind regards,
 
Jp Possenti




Re: [Mailman-Users] How hard is it to spoof an email?

2006-01-29 Thread Jim Popovitch
Jp Possenti wrote:
> So basically what you are saying is that Mailman is very insecure? (in
> short)

:-)

Honestly, NO.  Mailman is much more secure, indeed very secure, than 
most software I see.  The integrity of Mailman depends highly on the 
security of your OS, your MTA and your webserver.

> You say I should not have my admin email as a list member. By that you mean
> "[EMAIL PROTECTED]" which is the default address as the admin?

Your admin email would be [EMAIL PROTECTED]  That address 
doesn't belong in the subscribers list, nor does [EMAIL PROTECTED]

> If so then what am I supposed to create, and why would creating one make a
> difference?

There is nothing in Mailman that you can create or do to combat email 
spoofing.  Spoofing is not a Mailman problem as Mailman relies on your 
MTA to authenticate email senders (which is correct).  This is a good 
thing as Mailman could get really bloated (more bloated?) if it tried to 
incorporate authenticating senders.

> Also which email clients support the KIM and/or SPF standards?

DKIM and SPF are email server technologies, not client technologies. 
They can help to validate the email traffic coming into your email server.

-Jim P.







Re: [Mailman-Users] How hard is it to spoof an email?

2006-01-29 Thread Mark Sapiro
Jim Popovitch wrote:
>
>It's not hard at all.  In fact it's quite easy.  This is because the raw 
>archive data is available to the public.  See this FAQ: 
>http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq04.066.htp

Only if the list has public archives. If there are no archives, there
obviously isn't any archive data, and if the archives are private, all
archive data including .txt and .mbox files are only available to list
members or someone who knows a listmember address and password.

-- 
Mark Sapiro <[EMAIL PROTECTED]>       The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan



Re: [Mailman-Users] How hard is it to spoof an email?

2006-01-29 Thread Mark Sapiro
JC Dill wrote:
>
>I just updated the announcement list FAQ:
>
>
>
>to include:
>



Thanks JC


>I don't know how HTML formatting and other email client oddities may 
>affect using the approved header in the first line of your post so I 
>can't be certain that this will work perfectly for you on your first 
>try.


In Mailman 2.1.6 and earlier, the Approved: line was only found and
removed if it was the first non-blank line in the first text/plain
part of the post (and the line following was removed too.). If the
post was multipart/alternative with say a text/plain part and a
text/html part, the Approved: line would only be removed from the
text/plain part. Thus, if the text/html part was not removed by
content filtering, the Approved: line would go to the list in the
text/html part.

Beginning in Mailman 2.1.7, this has been improved. An Approved: body
line must still be the first non-blank line in the first text/plain
part. Thus, you still can't post an html only message with an
Approved: body line. However, the line following the Approved: line is
no longer removed so it is no longer necessary to follow it with a
blank line. Also, once the Approved: line is found in the first
text/plain part, an attempt is made to remove it from every text/*
part in the post.

I say 'attempt' because while I'm sure it will be removed from a
text/html part, I'm not so sure that the pattern I use to find it will
match in a text/enriched, text/rtf, text/richtext or similar
alternative part. Thus, testing on a small test list is always a good
idea.

-- 
Mark Sapiro <[EMAIL PROTECTED]>       The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
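An added example covering both JC Dill's FAQ text on the "Approved: password" first body line (follow it with a blank line because the next line is dropped too) and Mark's description of the pre-2.1.7 and 2.1.7 behaviour (first non-blank line of the first text/plain part; in 2.1.7 the following line is kept and the other text/* parts are scrubbed as well). This is not Mailman's code: process_post(), the regexes and the sample newsletter are constructed, and the parts are plain 7bit ASCII so the payloads can be edited as strings.

```python
# Added example, not Mailman's own code: how an "Approved: <password>" first
# body line is found and scrubbed, contrasting the pre-2.1.7 behaviour JC Dill
# describes (the line after it is dropped too, and an HTML alternative part can
# leak the password) with the 2.1.7 behaviour Mark describes. The regexes,
# helper names and the sample newsletter are constructed; parts are 7bit ASCII.
import re
from typing import Optional
from email.message import Message
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText

APPROVED_LINE = re.compile(r"^\s*approved:\s*(\S+)\s*$", re.IGNORECASE)


def first_text_plain(msg: Message) -> Optional[Message]:
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            return part
    return None


def _take_first_line_password(part: Message, drop_next_line: bool) -> Optional[str]:
    """Remove an Approved: line if it is the first non-blank line of `part`.

    Returns the password found, or None. With drop_next_line=True the line
    after it is removed as well (pre-2.1.7), which is why JC's FAQ text says
    to follow it with a blank line.
    """
    lines = part.get_payload().splitlines()
    idx = next((i for i, line in enumerate(lines) if line.strip()), None)
    if idx is None:
        return None
    match = APPROVED_LINE.match(lines[idx])
    if match is None:
        return None
    del lines[idx: idx + (2 if drop_next_line else 1)]
    part.set_payload("\n".join(lines) + "\n")
    return match.group(1)


def _scrub_part(part: Message, password: str) -> None:
    """Best-effort removal of 'Approved: <password>' anywhere in a text/* part
    (e.g. inside <p>...</p> in the text/html alternative)."""
    pattern = re.compile(r"approved:\s*" + re.escape(password), re.IGNORECASE)
    part.set_payload(pattern.sub("", part.get_payload()))


def process_post(msg: Message, post_2_1_7: bool = True) -> Optional[str]:
    """Emulate the two behaviours. Returns the password taken from the body
    (for the caller to check), or None if no Approved: body line was honoured."""
    plain = first_text_plain(msg)
    if plain is None:            # HTML-only post: the body line is never honoured
        return None
    password = _take_first_line_password(plain, drop_next_line=not post_2_1_7)
    if password is None:
        return None
    if post_2_1_7:               # also scrub every other text/* part
        for part in msg.walk():
            if part is not plain and part.get_content_maintype() == "text":
                _scrub_part(part, password)
    return password


def password_leaks(msg: Message, password: str) -> bool:
    """True if the password would still reach subscribers in some text part."""
    return any(password in part.get_payload()
               for part in msg.walk() if part.get_content_maintype() == "text")


def build_post(password: str, blank_line_after: bool = True) -> Message:
    """Constructed multipart/alternative newsletter with Approved: as first line."""
    sep = "\n\n" if blank_line_after else "\n"
    plain = f"Approved: {password}{sep}Hello subscribers,\nthis is the newsletter.\n"
    html = f"<p>Approved: {password}</p>\n<p>Hello subscribers,<br>this is the newsletter.</p>\n"
    msg = MIMEMultipart("alternative")
    msg["From"], msg["To"], msg["Subject"] = "owner@example.com", "announce@example.com", "News"
    msg.attach(MIMEText(plain, "plain"))
    msg.attach(MIMEText(html, "html"))
    return msg
```

Run against the constructed newsletter, the pre-2.1.7 path still carries the password in the text/html part after processing, which is exactly the leak JC saw when a mis-formed approval was then approved through the web interface; the 2.1.7 path scrubs it from both parts, and a message with no text/plain part is never honoured at all, so a test list remains the right place to try this.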



Re: [Mailman-Users] How hard is it to spoof an email?

2006-01-29 Thread Mark Sapiro
Jim Popovitch wrote:
>
>> You say I should not have my admin email as a list member. By that you mean
>> "[EMAIL PROTECTED]" which is the default address as the admin?
>
>Your admin email would be [EMAIL PROTECTED]  That address 
>doesn't belong in the subscribers list, nor does [EMAIL PROTECTED]

To clarify:

The address [EMAIL PROTECTED] doesn't go to a human in Mailman
2.1.x. It is a synonym for [EMAIL PROTECTED] The generic
address to reach the owners (admins/moderators) is
[EMAIL PROTECTED]

I don't think Jim was saying that address ([EMAIL PROTECTED])
should not be a list member. It shouldn't, but I think what Jim was
saying is that the actual admin/owner email address(es) - i.e. the
ones that appear on the bottom of the listinfo page as

XYZ list run by jdoe at example.com

should not be list members (or at least not unmoderated members)
because otherwise you are advertising an address that can be spoofed
to post to the list.

-- 
Mark Sapiro <[EMAIL PROTECTED]>       The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan



Re: [Mailman-Users] How hard is it to spoof an email?

2006-01-29 Thread Ed
If I may, Mark -;).

<>

I don't think that's correct??

<>

Even tho I only have 4 Lists with not even a total of 200 folks I have an
"alias" on each one.
I have a separate file folder with a Rule that puts List Mail there.

That way, although somewhat of a PITA, I KNOW things are working correctly.

When I get one post in Reg mail and none in the "alias" folder OR vice versa, I
know something is wrong.

Newbie Ed



Re: [Mailman-Users] How hard is it to spoof an email?

2006-01-29 Thread Brad Knowles
At 1:56 PM -0500 2006-01-29, Jp Possenti wrote:

>  How hard would it be for someone to maliciously start sending all the users
>  in my list emails or start deleting people from it by sending bounce errors
>  or by spoofing the admin email and start emailing everyone on the list?

It's trivially easy to spoof e-mail addresses.  Mailman works 
around that by allowing you to configure your list to be more secure 
and require confirmations for certain commands, or by sending its own 
confirmation e-mail once an action has taken place.

The attacker may be able to spoof your e-mail address, but unless 
they can also access your mailbox, they can't see the unique 
confirmation string that they have to duplicate before the system 
will take the action in question, or to delete the notice that 
Mailman sends to the recipient.

>  Is this a common problem, or is mailman secure about it? What are some ways
>  to help avoid any problems?

It all depends on how secure you want your list to be.  Part of 
the problem is that the more security features of this sort that you 
turn on, the more cumbersome it will be for people to post or 
subscribe to the list, change their address once subscribed, etc.

You want to strike a balance here between securing your system 
against spoofing and making it too difficult to use.

>  Please explain carefully and with plenty of details as I am still figuring
>  things out.

I'm not sure how much more I can explain, or precisely which part 
it is that you're most concerned about.

-- 
Brad Knowles, <[EMAIL PROTECTED]>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

 -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
 Assembly to the Governor, November 11, 1755

  LOPSA member since December 2005.  See .
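The confirmation-string pattern Brad describes, as an added example that is not Mailman's code: a request arriving from a possibly spoofed address is not acted on until the unique token mailed to that address is echoed back, so an attacker who can forge From: but cannot read the victim's mailbox gets nowhere. PendingActions, TOKEN_TTL and the fake clock are constructed for this illustration.

```python
# Added example, not Mailman's code: confirmation tokens for subscribe,
# unsubscribe and address-change requests. A request made in the name of an
# address is only executed once the token mailed to that address comes back.
# PendingActions, TOKEN_TTL and the clock injection are constructed.
import hmac
import secrets
import time

TOKEN_TTL = 3 * 24 * 3600   # constructed: tokens expire after three days


class PendingActions:
    def __init__(self, now=time.time):
        self._now = now
        self._pending = {}   # token -> (action, address, expires_at)

    def request(self, action: str, address: str) -> str:
        """Record a requested action and return the token to mail to `address`.

        The requester never sees the token unless they control that mailbox;
        160 random bits make guessing it infeasible.
        """
        token = secrets.token_hex(20)
        self._pending[token] = (action, address, self._now() + TOKEN_TTL)
        return token

    def confirm(self, token: str):
        """Return (action, address) if `token` is valid and unexpired, else None.

        Tokens are single use: a matching token is consumed on first use
        whatever the outcome, and the comparison is constant-time so a wrong
        guess learns nothing from timing.
        """
        if not token.isascii():
            return None
        for stored in list(self._pending):
            if hmac.compare_digest(stored, token):
                action, address, expires = self._pending.pop(stored)
                if self._now() > expires:
                    return None
                return (action, address)
        return None

    def outstanding(self) -> int:
        """Number of requests still waiting for confirmation."""
        return len(self._pending)


if __name__ == "__main__":
    pending = PendingActions()
    token = pending.request("unsubscribe", "jdoe@example.com")
    # A forged request produces mail to jdoe, who can simply ignore it.
    print("guess accepted:", pending.confirm("0" * 40))
    print("real token accepted:", pending.confirm(token))
    print("replayed token accepted:", pending.confirm(token))
```

The balance Brad mentions shows up here as the TTL and the one-use rule: long enough that a genuine subscriber can reply from the mailbox the mail went to, short enough that an unconfirmed request does not sit around indefinitely.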


Re: [Mailman-Users] How hard is it to spoof an email?

2006-01-29 Thread Brad Knowles
At 4:31 PM -0500 2006-01-29, Jim Popovitch wrote:

>DKIM takes it a step
>  further and adds an encrypted email header "key" that is carried with
>  the email during it's entire journey through multiple servers.  This key
>  enables every "hop" to validate the email, whereas SPF is just
>  point-to-point validation based on email header info (which can very
>  easily be modified in transit).

If you're going to use DKIM, make sure that you are using Mailman 
2.1.7 (or later), with the most recent patches applied.  Prior 
versions of Mailman did not scrub the DKIM headers from messages as 
they were passing through, which meant that the signatures would be 
invalid for the recipients of the mailing lists.  This was fixed in 
2.1.7, but this version also introduced some other issues with 
archives (among others), which have since been patched by Tokio and 
Mark.

-- 
Brad Knowles, <[EMAIL PROTECTED]>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

 -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
 Assembly to the Governor, November 11, 1755

  LOPSA member since December 2005.  See .


Re: [Mailman-Users] How hard is it to spoof an email?

2006-01-29 Thread Brad Knowles
At 4:50 PM -0500 2006-01-29, Jp Possenti wrote:

>  So basically what you are saying is that Mailman is very insecure? (in
>  short)

No, not Mailman.  At least, not Mailman per se.  No, *ALL* SMTP 
e-mail is inherently insecure -- unless you add stuff to it to make 
it secure.  HTTP is inherently insecure for the web, which is why you 
use SSL to encrypt the connection and make it safe to transmit 
sensitive information.


For e-mail, if you care that much about security, you would need 
to encrypt every message you send to the list (e.g., using PGP), the 
list software would need to decrypt it and then re-encrypt it for 
all of the list recipients.

If you're not so worried about hiding your message from prying 
eyes but you still want to be certain as to who sent which message, 
then you would need to add a cryptographic signature to all your 
e-mail, and you would need to make sure that this signature survives 
all message transit points and doesn't get munged along the way (a 
common problem with mailing list managers).

-- 
Brad Knowles, <[EMAIL PROTECTED]>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

 -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
 Assembly to the Governor, November 11, 1755

  LOPSA member since December 2005.  See .