[Mailman-Users] Approved header, mailman password and security

Dag Wieers dag at wieers.com
Wed Apr 20 15:44:13 CEST 2011

On Thu, 14 Apr 2011, Dag Wieers wrote:

> We have been using the Approved header as a way to automatically approve 
> commit logs to a read-only mailinglist. We recently moved our infrastructure 
> to github and I wrote a patch to the github Email service hook to add an 
> Approved header.
>    https://github.com/github/github-services/pull/84
> Now the problem of course is that this secret currently is either the list 
> admin or the list moderator password, which is far from secure. Especially if 
> the mails are not created on the mailman list server.
> So I would propose to allow to set a separate secret used for approved 
> messages. If compromised, it's easy to change that secret on both sides.
> Is this acceptable ?

I received no feedback on this. Shall I open a ticket for this, or is this 
not considered valuable ?

-- dag wieers, dag at wieers.com, http://dag.wieers.com/
-- dagit linux solutions, info at dagit.net, http://dagit.net/

[Any errors in spelling, tact or fact are transmission errors]

More information about the Mailman-Users mailing list