[Mailman-Developers] Feature request

[Marc MERLIN]

Looking at  it now, it's  surprising that this hasn't  happened sooner: SF's
mailman was abused with someone creating a bogus project with a mailing list
which was then used to subscribe about 10,000 people and then spam them into
oblivion.

The best/worst part is how people made it a lot worse by complaining to the
list itself and spamming one another after that:
http://www.geocrawler.com/lists/3/SourceForge/10386/0/

Anyway, I patched admin.py to just disallow admin web subscribes altogether.

In order of preference, for a future mailman version, it'd be nice if
mailman would:
- Have a config.db entry: allow web  subscribes, that can only be changed by
  the mailman owner (i.e. master password, not list password)
- Easier:  have   a  sitewide  mm_cfg.py  variable   to  allow/disallow  web
  subscribes by the list admin

Thanks,
Marc
-- 
Microsoft is to operating systems & security ....
                                      .... what McDonalds is to gourmet cooking
  
Home page: http://marc.merlins.org/   |   Finger marc_f@merlins.org for PGP key