Re: Bad mailing list practice?
David Frascone <dave@frascone.com> Wed, 01 September 2004 22:21 UTC
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA11775; Wed, 1 Sep 2004 18:21:03 -0400 (EDT)
Received: from megatron.ietf.org ([132.151.6.71]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1C2dVn-0007qf-La; Wed, 01 Sep 2004 18:23:27 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1C2dIb-0001Kp-P5; Wed, 01 Sep 2004 18:09:49 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1C2cuj-00049X-Q2 for ietf@megatron.ietf.org; Wed, 01 Sep 2004 17:45:09 -0400
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA07387 for <ietf@ietf.org>; Wed, 1 Sep 2004 17:45:05 -0400 (EDT)
Received: from adsl-66-137-237-100.dsl.rcsntx.swbell.net ([66.137.237.100] helo=wolverine.frascone.com) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1C2cwz-0004eJ-PC for ietf@ietf.org; Wed, 01 Sep 2004 17:47:30 -0400
Received: by wolverine.frascone.com (Postfix, from userid 500) id 36C508689A; Wed, 1 Sep 2004 16:45:07 -0500 (CDT)
Date: Wed, 01 Sep 2004 16:45:07 -0500
From: David Frascone <dave@frascone.com>
To: Cyrus Daboo <daboo@isamet.com>
Message-ID: <20040901214506.GC14453@wolverine.frascone.com>
References: <C16A6FD47B5676A7FF69E84F@ninevah.local>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <C16A6FD47B5676A7FF69E84F@ninevah.local>
User-Agent: Mutt/1.4.1i
X-Spam-Score: 0.0 (/)
X-Scan-Signature: ea4ac80f790299f943f0a53be7e1a21a
Cc: ietf@ietf.org
Subject: Re: Bad mailing list practice?
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org
X-Spam-Score: 0.0 (/)
X-Scan-Signature: bb8f917bb6b8da28fc948aeffb74aa17
Mailman passwords are always sent in the clear, and are considered to be insecure. I believe there was verbage about that when I got my password. Just my $.02 worth, -Dave On Wednesday, 01 Sep 2004, Cyrus Daboo wrote: > A public mailbox (accessible by anyone with an IMAP client) just received a > mailman reminder about a subscription to this list. That message contained > a clear-text password (actually several in this case). Whilst mailman does > have an option for subscribers to turn off the password reminder I think it > is bad practice to have that default to 'on' for new subscribers given that > mailing lists are often piped into public archives. > > -- > Cyrus Daboo > > _______________________________________________ > Ietf mailing list > Ietf@ietf.org > https://www1.ietf.org/mailman/listinfo/ietf > -- David Frascone Professionals built the Titanic, amateurs built the ark. _______________________________________________ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
- Bad mailing list practice? Cyrus Daboo
- Re: Bad mailing list practice? David Frascone