Quoting Mark Sapiro ([EMAIL PROTECTED]): > Paul Tomblin wrote: > > > >You mean that if people used the Approve: header that Mailman doesn't > >strip it out before it sends it? That seems like a huge security hole. > > > No I don't mean that. It is removed whether or not the password is > valid. When I said "This is intentional to discourage sending the site > password in the clear in email." I meant in the email TO the list. The > header won't be in the mail FROM the list.
Well, that wouldn't be a problem in this case because it would be a user or script running on the same box as mailman. > >Is there a command line tool to approve messages? > > > No, but it would be pretty simple to modify bin/discard to make one. I'll look into that, thanks. -- Paul Tomblin <[EMAIL PROTECTED]> http://blog.xcski.com/ "Dumbass PowarRanger Voltron is like the original PowarRanger Voltron, except no one can agree who forms the head, so all you're left with is five assholes." - siln ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
