On Wed, 2013-05-01 at 11:02 +0100, Pete Biggs wrote: > > Gnome mailing lists seem to have started sending out monthly reminders > > of all Gnome lists i am subscribed to and what my password is for each > > one. > It's standard practise for mailing lists - virtually every mailing list > I'm on does it.
+1 > > I don't think the emails are even encrypted!! Doesn't this expose me > > to risk? What would happen if tons of accounts got cracked? Couldn't > > they be used to send tons of spam traffic to Gnome and explore other > > vulnerabilities? > The password that is sent out is the one for the mailing list - it > doesn't do anything else within Gnome. With the password the "hacker" > can change the subscription options for the list, change your password > or change the subscription address. It doesn't give access to any > personal information (other than your email address, which they've > already got). AND when you subscribe it says to use a different password from any non-trivial account you have. > Also, one of the options that that password allows you to change is > whether you get the monthly reminders of your password - if it worries > you, turn it off. > In general mailing list passwords should be considered as disposable and > you definitely shouldn't use the same password as for other more > important things. +1 -- Adam Tauno Williams <[email protected]> _______________________________________________ evolution-list mailing list [email protected] To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
