I would suggest 'mailman 2.2' and introduce password-less membership. Most of the user operations should be done by confirmation string sent by email message. Users can optionally have their passwords which should be stored in hashed format.
This would be great.
As an additional note, I have had my developer make a pretty good solution for adding headers and footers in HTML. We did a _lot_ of research as to how yahoogroups implements this, and have copied their implementation. Its not 100% perfect - for example if the background color of a message is black, the headers and footers won't show properly. But it covers probably 98% of mail and successfully adds headers and footers to all kinds of multi-part mime email. It also handles badly formed email, again using the same implementation as yahoo groups.
I have the patches for mailman 2.5 here, and will send them out next week so you can check them out.
This will make password-less membership quite easy to implement, since it will support both html and plain text.
Adrian