[Mailman-Users] Message IDs & Security

Brad Knowles brad at stop.mail-abuse.org
Thu Aug 24 03:30:21 CEST 2006

At 10:23 PM +0000 2006-08-23, Jon Loose wrote:

>  On looking at the downloadable archives, the message ids are very long
>  indeed (over 100 characters).  I took a look at the same file for this
>  list, and the ids seem shorter.  Is there any way to get shorter message
>  ids?

Not without changing the Mailman source code, no.

>  Also, as regards security, I would appreciate recommendations of the
>  simplest way to set up a postfix/mailman system with https on apache2.
>  I've seen the FAQ and am still struggling to get my head around it.

The simplest stuff I know of is already in the documentation and the 
FAQ.  If you know of better, or can find better, please let us know.

>  Finally, what is the overall security level of mailman, given that
>  passwords are sent out in monthly reminders to the individuals
>  concerned?  If the answer is "not very secure", are there plans to
>  change this?

I would say that the overall security level of Mailman is moderate, 
if you configure the system so that all web interaction happens over 
SSL-encrypted connections.  Otherwise, it would be lower.

Yes, there are plans to improve this -- see 

Brad Knowles, <brad at stop.mail-abuse.org>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

     -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
     Assembly to the Governor, November 11, 1755

  Founding Individual Sponsor of LOPSA.  See <http://www.lopsa.org/>.

More information about the Mailman-Users mailing list