>                        From: Jim <jim>
> 
>    As you can see, the From: field is directed back at me even though I
> used the admin privacy option to send it back to the list.

If I had to hazard a guess, I'd say that it's a mail misconfiguration on
your system that brings out a bug in mailman.  Mailman generally doesn't
like addresses that aren't fully qualified (it wants them to contain '@domain'), 
and I've seen various functions in the past barf because of this.

However, in all fairness to Mailman, RFC 822 says that your address is
supposed to have a domain attached, and even the sendmail docs say
that it's pretty much wrong to just allow the username as a return
address.

I'll need to check further to make sure, though.  

> >    o Changed nobody uid/gid to 65534 to match mailman settings
> > 
>    [Nicholson James D]  
>     My mailman is set up to be uid/gid 2001/50 with appropriate group
> entry.  Why are you setting nobody to match mailman settings?  Won't this
> cause security problems down the line if someone can access your machine as
> nobody?

I probably didn't explain this right.  I meant change the CGI gid, and I 
changed the CGI uid just for consistency.

>    Thanks for the tip.  This set of commands was not in httpd.conf.  It
> made a difference.  It was also not mentioned in the docs for mailman.
> Adding these allowed me to access mailman and still to deny a directory
> listing.

Well, in fairness to mailman, it also doesn't say to add the root-level
deny.  In the Apache documentation that suggests adding those directives,
it also says

   "This will forbid default access to filesystem locations. Add
   appropriate <Directory> blocks to allow access only in those areas
   you wish."

But I'm glad that it worked for you.  I'll still try and see what's up
with the From: address and privacy settings.

Chris