[Mailman-Users] Re: cleartext passwords

J C Lawrence claw at kanga.nu
Mon Oct 2 20:18:31 CEST 2000

On Mon, 2 Oct 2000 08:54:29 -0700 
alex wetmore <alex at phred.org> wrote:

> I do wish that Mailman had the option to just have confirmation
> email for any list configuration changes.  This would be simpler
> for most users (especially since most of my users do the "send my
> password to me" to unsub anyway).


Another feature which I've seen on a couple list servers now is that
they reply with a custom URL to configuration commend.  Simply
loading that custom URL verifies and commits the requested change.
Very nice, especially for neophyte and casual users as there is
*zero* surprise or incomprehension response to the instruction, "Go
to this web page to finish your XXXX."

An example BTW are the security lists hosted at SecurityPortal.  A
sample confirmation message looks something lie the following (URL
keys slightly munged):

Date: Mon, 25 Sep 2000 18:22:47 -0400 (15:22 PDT)
From: "L-Soft list server at LISTSERV.SECURITYPORTAL.COM (1.8d)"
Subject: Command confirmation request (3af9edff)
To: claw at KANGA.NU

Your command:

                  SUBSCRIBE LINUX-SECURITY J C Lawrence

requires confirmation. To  confirm the execution of  your command, simply
point your browser to the following URL:


Alternatively, if  you have no WWW  access, you can reply  to the present
message and type  "ok" (without the quotes) as the  text of your message.
Just the word "ok" - do not  retype the command. This procedure will work
with any mail  program that fully conforms to the  Internet standards for
electronic  mail. If  you receive  an error  message, try  sending a  new
message  to   LISTSERV at LISTSERV.SECURITYPORTAL.COM  (without   using  the
"reply" function - this is very  important) and type "ok CC2296F2" as the
text of your message.

Finally, your  command will be  cancelled automatically if  LISTSERV does
not receive your confirmation within 48h. After that time, you must start
over and resend the command to get a new confirmation code. If you change
your mind and decide that you do  NOT want to confirm the command, simply
discard the present message and let the request expire on its own.

Good stuff.

J C Lawrence                                 Home: claw at kanga.nu
---------(*)                               Other: coder at kanga.nu
http://www.kanga.nu/~claw/        Keys etc: finger claw at kanga.nu
--=| A man is as sane as he is dangerous to his environment |=--

More information about the Mailman-Users mailing list