Grant Taylor via Mailman-Users writes:
> What is their working definition of "thread"?
I don't know. I gave what I think is a reasonable definition, and I
would argue that going to parents of that message is not required by
GDPR, even if for some reason you need to remove whole posts.
> I'm a
tlhackque via Mailman-Users writes:
> I have no opinion on the wisdom or bases of GitLab's position. As
> mailing lists share some characteristics with their services, those
> who have to deal with GPDR may wish to consider it in developing
> their own.
>
> [Among other things, GitLab's To
Grant Taylor via Mailman-Users writes:
> > Some of these may be hidden (eg, Reply-To is normally not displayed;
> > I don't know offhand if it's in the mbox files).
>
> Yes, Reply-To: is a standard header and included in mbox files.
"The" mbox files refers to what Mailman stores in archives
Mark Sapiro writes:
> If you are including the command in both the Subject: and the body, that
> is why. If the Subject: contains a valid command, it will be executed.
> Thus a message with 'Subject: help' and 'help' in the body contains two
> help commands so the command is executed twice.
I
I've been assigned the task of attempting to secure our current implementation
of GNU MailMan.
Have any of you out there done this?
What did you do?
Some of the initial items that have been directed my way:
1. Can archiving be totally and permanently be eliminated?
2. How and wh
I'm sure Mark has more complete answers, but diving in anyways :)
On 5/30/2018 2:36 PM, Parker, Michael D. wrote:
I've been assigned the task of attempting to secure our current implementation
of GNU MailMan.
You're probably better off changing to MM3, but if you have to stay with v2--
What
On 05/31/2018 08:10 AM, Carl Zwanzig wrote:
> I'm sure Mark has more complete answers, but diving in anyways :)
Carl's answers are good, but to add a bit ...
> On 5/30/2018 2:36 PM, Parker, Michael D. wrote:
>
>> Some of the initial items that have been directed my way:
>> 1. Can archivi
On 05/31/2018 09:52 AM, Mark Sapiro wrote:
> On 05/31/2018 08:10 AM, Carl Zwanzig wrote:
>
>>> 3. Can user passwords be eliminated and have the list
>>> administrator make any user adjustments which should not be necessary?
>> At a great loss of utility, sure. This would require a code change
On 05/30/2018 03:36 PM, Parker, Michael D. wrote:
I've been assigned the task of attempting to secure our current
implementation of GNU MailMan.
One thing that I've not seen (or missed) in this thread is the idea of
leveraging HTTPS usernames and passwords to protect the web interface.
IMHO
On 05/31/2018 12:25 PM, Grant Taylor wrote:
IMHO the web server has a LOT more experience at user access control
than most web applications. As such, I feel like the web server probably
has a better handle on how to do it.
Apache (and I suspect Nginx) has the ability to use client side TLS
ce
I feel like I'm missing something and as such have some questions.
On 05/31/2018 11:42 AM, incoming-pythonli...@rjl.com wrote:
Depending on where your users are coming from, it might be easier to
limit access to the GUI using a firewall.
Why are you using a firewall instead of leveraging the w
On 05/31/2018 01:25 PM, Grant Taylor via Mailman-Users wrote:
> On 05/30/2018 03:36 PM, Parker, Michael D. wrote:
>> I've been assigned the task of attempting to secure our current
>> implementation of GNU MailMan.
>
> One thing that I've not seen (or missed) in this thread is the idea of
> levera
On 05/31/2018 01:18 PM, Dimitri Maziuk wrote:
Yeah, I too once thought that was a good idea.
I'm not quite following you. Are you saying that you now dislike
HTTP(S) usernames & passwords specifically? Or are you saying that you
dislike hosting something yourself?
And then heartbleed came
I'd trying to change one of the parameters in one of the .pck files How
can this file be edited/changed in Linux?
I've tried searching but cannot find what I want.
Thanks.
--
Mailman-Users mailing list Mailman-Users@python.org
https://mail
On 05/31/2018 12:50 PM, Parker, Michael D. wrote:
> I'd trying to change one of the parameters in one of the .pck files How
> can this file be edited/changed in Linux?
>
> I've tried searching but cannot find what I want.
If you're talking about Mailman 2.1's config.pck, you can edit it wi
Hi Michael D.,
although I strongly believe it's NOT recommended to do what you're thinking
about for a productive environment - it's
open and free software, have fun ;-)
Instead of just changing the .pck files, as a starting point, I would suggest
to download the mailman sources, try to
figure
Change the URL in a migrated mailman list so that it appears properly in the
browser display.
Specifically, I'm trying to change the following variable as per dumpdb program
of the config.pck file.
'web_page_url': 'http://badhostname.ga.com/mailman/',
* * *
Michael D. Parke
Hmmnot being a python expert, where is a pointer to manipulating the file
using withlist
Specifically listing a variable, changing a variable, and then writing it back
to the file?
* * *
-Original Message-
From: Mailman-Users
On Behalf Of Mark Sapiro
Sent: Thursd
On 05/31/2018 01:10 PM, Parker, Michael D. wrote:
> Change the URL in a migrated mailman list so that it appears properly in the
> browser display.
>
> Specifically, I'm trying to change the following variable as per dumpdb
> program of the config.pck file.
>
> 'web_page_url': 'http://bad
On 05/31/2018 01:14 PM, Parker, Michael D. wrote:
> Hmmnot being a python expert, where is a pointer to manipulating the file
> using withlist
>
> Specifically listing a variable, changing a variable, and then writing it
> back to the file?
bin/withlist -l LISTNAME
Loading list LISTNAM
On 05/31/2018 02:40 PM, Grant Taylor via Mailman-Users wrote:
> On 05/31/2018 01:18 PM, Dimitri Maziuk wrote:
>> Yeah, I too once thought that was a good idea.
>
> I'm not quite following you. Are you saying that you now dislike
> HTTP(S) usernames & passwords specifically?
I do dislike the HTTP
On 05/31/2018 03:05 PM, Dimitri Maziuk wrote:
What exactly is it about mailman usernames and passwords that you are
trying to protect with HTTPS?
I wasn't talking about Mailman usernames (email addresses) and
passwords. I was talking about the usernames and passwords for Basic
HTTP(S) authen
On 05/31/2018 04:52 PM, Grant Taylor via Mailman-Users wrote:
> On 05/31/2018 03:05 PM, Dimitri Maziuk wrote:
>> What exactly is it about mailman usernames and passwords that you are
>> trying to protect with HTTPS?
>
> I wasn't talking about Mailman usernames (email addresses) and
> passwords. I
Dear,
Sorry if the text is difficult to understand. I am Brazilian and I do
not have many English language skills.
I'm just sending this email for information.
There we have I was not able to send emails from my server to some
domains [especially those linked to Microsoft (hotmail.como, msn.
On 05/31/2018 11:25 AM, Grant Taylor via Mailman-Users wrote:
> I feel like I'm missing something and as such have some questions.
>
> On 05/31/2018 11:42 AM, incoming-pythonli...@rjl.com wrote:
>> Depending on where your users are coming from, it might be easier to
>> limit access to the GUI using
On 05/31/2018 06:37 PM, incoming-pythonli...@rjl.com wrote:
Both are valid alternatives. There may be performance advantages,
to stopping attacks at the firewall level instead of higher up in the
application stack.
Agreed, on both accounts.
Firewalls also have a tendency to protect multiple
On 05/31/2018 06:24 PM, Grant Taylor via Mailman-Users wrote:
>
>> There are many ways to implement the same thing. Before there were
>> modules in the kernel for this, I simply pulled lists of address
>> blocks out of databases and incorporated them into my IPtables
>> lists. There are better to
On 05/31/2018 09:33 PM, incoming-pythonli...@rjl.com wrote:
I wrote scripts that read the list and generated a rule per network.
It can be slow, but has worked reliably for many years. Since it is a
mailserver, performance has not been a big issue. I am in the process
of designing a replaceme
28 matches
Mail list logo
