[Mailman-Developers] Mailman password and administrative reminders

David Birnbaum davidb@chelsea.net
Thu, 2 Mar 2000 09:26:05 -0500 (EST) 

Perhaps I'm missing something at the fundamental architecture level, but
wouldn't it make more sense to just cycle through each list and send the
reminder using the list owner? It's probably nice to only get one password
reminder email, but how big and inconvenience would that be, anyway?

This way, each user gets one email per list, and if it bounces, you know
what list to take it off of. That won't disable the address server wide,
but sooner or later some bounces will happen on the other lists and take
care of it. This way you don't have to do the user database thing.

I have nothing more than anecdotal evidence (ie, my ISP), but how often is
one address on multiple lists at a given site?

We've had to turn off password notification, because now all the people on
this list who got password notifications are now replying to mailman-owner
with list related requests. Sigh....

David.

-----

** WARNING **  This message was composed by a temporarily crippled programmer
using a speech recognition system.  Please don't be alarmed if some extremely
strange word usage shows up in the message.  Many thanks....

On Thu, 2 Mar 2000, Barry A. Warsaw wrote:

> 
> Here's the problem in a nutshell (if my quick browse of the thread is
> correct).
> 
> When a user is to get the password reminder, Mailman collates the
> passwords for all the lists that the user is on (for that virtual
> domain, but let's ignore that).  So one password reminder refers to
> potentially several lists.  So which list -owner address (e.g. bounce
> detecting addr) should get the bounces?
> 
> As I see it, the right solution is the following:
> 
> - Mailman has no catch-all address like Majordomo has.  I.e. you can't
>   send `help' to mailman@... unless you actually craft a normal
>   Mailman list for this addr.  This is bogus, because it just thinks
>   it's a normal list, not something special.  Step one of the fix is
>   to write scripts that can handle these over-arching addrs.  Then of
>   course, we'd make mailman-owner@... the recipient of all the bounced
>   password reminders.  The script on the tail of that would Do The
>   Right Thing.
> 
> - Unfortunately, the correct solution, IMO requires user databases,
>   because otherwise you need to cycle through all the lists looking
>   for the user address to disable.  Imagine for a moment, hundreds of
>   bounces coming back starting at 12:02 the first of every month, each
>   one trying to hit every list on your site.  Ouch!
> 
> I've been seriously thinking about adding support for the first bullet
> for 1.2 (scratching my own itch, doncha know), but I also just want to
> start getting the betas out, so it may have to wait.  Harald's got
> stuff in the pipeline to support user databases, but that's defiitely
> a post 1.2 feature.
> 
> If you wanted to play with this stuff in the meantime, you could
> implement #1, and see how bad a hit the touch-all-lists approach would
> be.
> 
> -Barry
>