[Mailman-Users] Archive browsing question

John Dennis jdennis at redhat.com
Mon Dec 19 21:09:35 CET 2005

On Mon, 2005-12-19 at 11:47 -0800, Elvis Fernandes wrote:
> >From a web browser, non-members of a mail list can browse the archives.
> Is this a correct statement?
> For example, if I am NOT a member of mail-list, I can still go to
> http://mailman/pipermail/mail-list
> and browse the archives.
> Now, there must be a way to block non-members to browse the archives of
> mail-list
> In todays security world there sure must be a way. I would like to know
> others experiences.

Some lists are appropriate for public consumption, some are not. That is
why mailman supports both public and private archives, it is a per list

However please note, the security protection on the private archives is
not terribly strong, it requires only a username/password, something
which by default is mailed in the clear once a month. Security in
general was not a prime design point for mailman, a limitation which is
recognized and hopefully will be better addressed in MM 3.0. If you have
very sensitive information in your archives you may want to consider an
alternate solution.
John Dennis <jdennis at redhat.com>

More information about the Mailman-Users mailing list