[Mailman-Developers] GSOC, Anonymous Lists
Stephen J. Turnbull
stephen at xemacs.org
Tue Mar 10 06:03:14 CET 2015
Pavan Koli writes:
> I have a doubt, while implementing anonymous lists do we have to store the
> email ids in encrypted form in the database.
I have the same doubt. You need to define "anonymous list". In
particular, specify who is, and who is not, supposed to be able to
1. See email addresses of subscribers.
2. Figure out whether two posts are from the same person.
as well whether you need to
3. Ensure that subscribers' posts can't be spoofed.
> As people having access to database can view the original email
> ids.
It's worse than that. People who have access to the MTA's mail queue
or can change its configuration files can see them too, as well as
those who have access to MTAs on relay MX hosts and the posters' MX.
More information about the Mailman-Developers
mailing list