[Mailman-Users] Newbie questions

John W. Baxter jwblist3 at olympus.net
Sat May 27 06:35:16 CEST 2006

On 5/26/06 6:54 PM, "Mark Sapiro" <msapiro at value.net> wrote:

> You don't have to send email commands in the subject. The body is
> processed too, but to answer your question, I don't feel uneasy about
> sending a list member password. They are mailed in reminders and we
> say not to use a valuable password. Although password reminders are
> going away in Mailman 2.2 in favor of a reset scheme.
> I am less cavalier about the list admin password. I am not bothered by
> the idea of sending it, but whenever I do send it in an email command
> or an Approved: header, I am extra careful about how the mail is
> addressed.

I've mentioned before that part (only part) of the problem is that we call
the thing a "password".  So people see "password" and plain text, and
rightly respond with security anguish.

So it's not a "password" it's a "<mumble> token".  (I don't know what
"mumble" should be.)  A lot less frightening.  And as a side benefit, if it
isn't a "password" some people will be less likely to use the same password
they've used 10 other places, endangering their accounts at those places.

  --John (at least if you think I haven't forged myself)

More information about the Mailman-Users mailing list