[Mailman-Users] misleading description

Zbigniew Szalbot z.szalbot at lc-words.com
Sat May 3 09:04:09 CEST 2008


> This message only appears for a non-member if the roster is non-public
> (available only to the admin or to list members). With a public
> roster, the message is 'No such member: user at example.com'.

Ah, I see. In today's world an option for members to see other members' 
addresses sounds dangerous and may even be such. But I see now why this 

> Granted the message could be changed from "The confirmation email has
> been sent." to something like "The confirmation email has been sent if
> user at example.com is a list member." Do you think this would help?
Yes, it would be a lot more informative. 

Maybe in future it would be better to just disallow anyone to view a 
member's list and give a clear indication whether email has or has not 
been sent. If the unsubscribe script cannot be exploited remotely, then 
I do not see probing as a real threat (especially if additionally 
secured by some captcha code or the like). But then I may not see all 
the consequences of such solution.

Anyway, thanks for Mailman!

Zbigniew Szalbot

More information about the Mailman-Users mailing list