[Mailman-Users] Unsubscribe from list w/o passwd

Scott Russell scottrus at raleigh.ibm.com
Thu Sep 14 16:02:54 CEST 2000

To follow up my own hack, I did a bit more testing and found this works
to allow users to subscribe and unsubscribe to a list w/o worrying about
choosing a password. To set this up you'll need to create a dummy email
address that dumps messages into /dev/null or some other mail 
queue. Here's a quick break down:

dummy at myhost.com -> This is the address all subscribe / unsubscribe
messages should come from.

user at userhost.com -> The user email address who wants to subscribe or

mylist at myhost.com -> The mailman list using a list passwd of

1) User selects mylist from a drop down menu on a web page and enters
   their email address of user at userhost.com. They then click 'subscribe'
   to submit the form.

2) CGI creates an email addressed to mylist-request at myhost.com from
   dummy at myhost.com. The email has no subject and a single line in the
   body: "subscribe address=user at userhost.com"

3) Depending on list options the user will get a confirm message.

4) Depending on list options the list admin will get a new user subscribed

5) dummy at myhost.com will get a 'Your command results' message which will
   be routed to /dev/null or some other mail queue as to not bother the
   list admin.

To have a user unsubscribe it's the same process execpt in step 2 the
email body should contain the line: "unsubscribe mylistpasswd
user at userhost.com".

I know php3/php4 can do this rather nicely with the mail() function. Just
be sure to keep your listpasswd out of the webpage to prevent a user from
getting it by viewing the source.


On Thu, Sep 14, 2000 at 09:45:49AM -0400, Scott Russell wrote:
> Here's a hack.
> Create a web form that allows the user to enter their email address. My
> example is 'joeuser at nowhere.com'. 
> Generate an email to mylist-request at mailman.server.com w/o a subject and
> the single line of: "unsubscribe <list passwd> joeuser at nowhere.com". Make
> sure the mail header says it is from some generic list admin address.
> Mailman should then unsubscribe the user taking the list passwd instead of
> the users passwd. I tested this and it seems to work with the exception of
> a mail back to person who sent the message does contain the list
> passwd. I think you can work around this problem by setting the email from
> header to be from some generic admin address.
> Be sure to test this! You don't want users to get a hold of the list
> passwd!

 Scott Russell (scottrus at raleigh.ibm.com)
 Linux Technology Center, System Admin, RHCE.

More information about the Mailman-Users mailing list