On Mon, 2005-12-19 at 11:47 -0800, Elvis Fernandes wrote: > >From a web browser, non-members of a mail list can browse the archives. > Is this a correct statement? > > For example, if I am NOT a member of mail-list, I can still go to > http://mailman/pipermail/mail-list > and browse the archives. > > Now, there must be a way to block non-members to browse the archives of > mail-list > > In todays security world there sure must be a way. I would like to know > others experiences.
Some lists are appropriate for public consumption, some are not. That is why mailman supports both public and private archives, it is a per list configuration. However please note, the security protection on the private archives is not terribly strong, it requires only a username/password, something which by default is mailed in the clear once a month. Security in general was not a prime design point for mailman, a limitation which is recognized and hopefully will be better addressed in MM 3.0. If you have very sensitive information in your archives you may want to consider an alternate solution. -- John Dennis <[EMAIL PROTECTED]> ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp