[Mailman-Users] Re: Retrieving moderator password

Thomas Gramstad thomas at ifi.uio.no
Thu Sep 21 21:47:04 CEST 2000

> Hi,
> On Thu, 21 Sep 2000, Thomas Gramstad wrote:
>> The procedure for creating a new list here is that when I create a
>> list I send a message to the computer staff and ask them to create
>> the new list.  They create it, and I get a message from Mailman that
>> I'm the list-owner and that I already have an admin password for
>> Mailman and this admin-password is the same for all my lists.

> If the message you receive is something in the lines:
> "The mailing list `listname' has just been created for you. (...snip...)
> Your mailing list password is the same as the one in your other mailing
> lists." then either it was not Mailman who sent you the message or it was
> a very hacked up version of Mailman and we would really apreciate if you
> could convince your computer staff to send us the changes.
> On the other hand if the message looks like:
> "The mailing list `listname' has just been created for you. (...snip...) 
> Your mailing list password is:
>     xxxx
> "
> where xxxx is the same password you have for other lists, then
> you need to smack your computer staff up in the head for using the same
> password when creating all the lists (or at least all the lists they
> create for you), because (and let me speak this really slow): "Each
> list has only one password" (at least on the Mailman that can be found on
> http://www.list.org).

Here is a sample message.


12-Sep-2000  5:57:14-GMT,2180;000000000001
Return-path: <mailman-owner at lister.uio.no>
Envelope-to: thomas at ifi.uio.no
Delivery-date: Tue, 12 Sep 2000 06:57:14 +0200
Received: from lister.uio.no ([])
	by pat.uio.no with esmtp (Exim 2.12 #7)
	id 13Yi8A-0005H8-00
	for thomas at ifi.uio.no; Tue, 12 Sep 2000 06:57:14 +0200
Subject: Granted admin rights for mailing list aynarchism at ifi.uio.no
From: mailman-owner at lister.uio.no
To: thomas at ifi.uio.no
Sender: aynarchism-owner at ifi.uio.no
Errors-To: aynarchism-owner at ifi.uio.no
X-BeenThere: aynarchism at ifi.uio.no
X-Mailman-Version: 1.2 (experimental)
Precedence: bulk
List-Id:  <aynarchism.ifi.uio.no>
Message-Id: <E13Yi8A-0005H8-00 at pat.uio.no>
Date: Tue, 12 Sep 2000 06:57:14 +0200

You, thomas at ifi.uio.no, have been granted administrative privileges
for the mailing list `aynarchism at ifi.uio.no'.

The address thomas at ifi.uio.no has been registered as list admin for
other lists before -- and thus that mail address already has an admin
password associated with it.  That same password should also be used
when administrating this new list, `aynarchism at ifi.uio.no'.

Some basic information about the mailing list for which you now have
admin privileges follows:

The mailing list can be configured at the following web page:


The web page for users of your mailing list is: 


You can even customize these web pages from the list configuration
page.  However, you do need to know HTML to be able to do this.

There is also an email-based interface for users (not administrators)
of your list; you can get info about using it by sending a message
with just the word `help' as subject or in the body, to:

    aynarchism-request at ifi.uio.no

To unsubscribe a user: from the mailing list 'listinfo' web page,
click on or enter the user's email address as if you were that user.
Where that user would put in their password to unsubscribe, put in
your admin password.  You can also use your password to change
member's options, including digestification, delivery disabling, etc.

Please address all questions to <mailman-owner at lister.uio.no>.


Would that be alternative A?

>>> [...] I know about 2 list-admin passwords for the 600-odd
>>> lists I have on my server, but I control them all through the
>>> site pass.
>> So the site password has two functions: it allows you to create
>> or change list passwords, and it can also be used itself as a
>> list password on any list?

> No. The site password has only one function. To work everywhere
> a password is needed as if it was the intended password.

OK. So since my password cannot be used to unsubscribe a subscriber
via Mailman's e-mail interface, then my password is not the site

> Specifically:
> 1. at the "list Administrative Authentication" page (where it asks only
> for a password, not a user/pass combo,

If this is the page where I log in (the page before the General options
page and with links to membership management, privacy etc. on top), then
it does require a user/pass combo.  I've never seen a Mailman web page
that requires only the password and not the username/address too.

> so multiple passwords would make for a very weak authentication
> scheme, not that the one already in place is particularly
> strong...), and in the "Enter current password:" field at the
> "To Change The Administrator Password" form at the botton of the
> "General Options" page.

OK, I'll try this.

Thomas Gramstad
thomas at ifi.uio.no


> 2. at the user configuration page, in any of the "Password" or "Old
> Password" fields as if it was the user password. That page you can access
> by typing a subscribed e-mail address at the bottom of the "listinfo" page
> for the list.
> The list password, bessides working at #1 above, also works at #2 above,
> like it was the user password.
> So, don't get me wrong, I'm not trying to be rude, but either you get over
> your denial phase, change the list password and give the new one to your
> co-moderator (and keep it around for when you need to operate that list
> because it is the only one you've got), or you go talk to your computer
> staff about your problem because we can't help you if you won't believe
> us.
> Regards, Leo

More information about the Mailman-Users mailing list