I notice that there is a new version of mailman version 2.1.9 which includes some security fixes: http://mail.python.org/pipermail/mailman-announce/2006-September/000087.html
Is the package built from the ports tree vulnerable or is this another case of "that was fixes in OpenBSD agggeeess ago!" :) Sevan / Venture37 -- "The truth, the half-truth, and nothing like the truth." - Mark Brandon Read
