On 05/31/2018 01:18 PM, Dimitri Maziuk wrote:
Yeah, I too once thought that was a good idea.
I'm not quite following you. Are you saying that you now dislike HTTP(S) usernames & passwords specifically? Or are you saying that you dislike hosting something yourself?
And then heartbleed came along, and our knee-jerk security department cut off everyone who hasn't patched in 24 hours -- at the gateway.
Problems happen. It's how you (or the powers that be) respond to something that matters.
As Murphy would have it, I was traveling across the Atlantic and our other IT guy was driving across North America. And of course cut-off at the gateway meant no mail, no ssh, no way to know what happened and no way to fix it.
Yep. Murphy and his law will get you when you least expect it or are least able to respond to it.
This stuff sounds like it's coming from the same security experts. Proper answer with those guys is don't run mailman. Export the subscribers and use it as CC list in Orifice'365: you can't go wrong with "industry standard".
I'm going to disagree with you there. You most certainly can go wrong with "industry standard" or "what everybody else does".
-- Grant. . . . unix || die
------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
