it's mailman time again
Jim Popovitch
jimpop at domainmail.org
Fri Sep 1 19:00:45 UTC 2023
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Fri, 2023-09-01 at 10:16 -0700, Randy Bush wrote:
+AD4 and i just have to wonder about sending passords over the net in
+AD4 cleartext in 2023.+AKA really?
+AD4
+AD4 randy
For those that wish to do something about it...
+ACQ +AH4-/mailman/debian/patches+ACQ cat 21-mask-mailpasswds.patch
+AD0APQA9 modified file 'cron/mailpasswds'
- --- cron/mailpasswds 2018-06-04 19:52:31.850899000 +-0000
+-+-+- cron/mailpasswds 2018-04-24 11:14:10.770128000 +-0000
+AEAAQA -141,7 +-141,9 +AEAAQA
for host in byhost.keys():
+ACM Site owner is +AGA-mailman+AEA-dom.ain'
userinfo +AD0 +AHsAfQ
+- virtlist +AD0 +AHsAfQ
for mlist in byhost+AFs-host+AF0:
+- virtlist +AD0 mlist
listaddr +AD0 mlist.GetListEmail()
for member in mlist.getMembers():
+ACM The user may have disabled reminders for this list
+AEAAQA -184,7 +-186,7 +AEAAQA
fmt +AD0 '+ACU-s+AFw-n +ACU--10s+AFw-n+ACU-s+AFw-n'
else:
fmt +AD0 '+ACU--40s +ACU--10s+AFw-n+ACU-s+AFw-n'
- - table.append(fmt +ACU (listaddr, password, optionsurl))
+- table.append(fmt +ACU (listaddr, +ACIAKgAqACoAKgAqACoAKgAqACI, optionsurl))
+ACM Figure out which language to use
langcnt +AD0 0
poplang +AD0 None
+AEAAQA -218,7 +-220,7 +AEAAQA
+ACM Add the table to the end so it doesn't get wrapped/filled
text +-+AD0 (header +- '+AFw-n' +- NL.join(table))
msg +AD0 Message.UserNotification(
- - addr, siteowner,
+- addr, sitebounce,
+AF8('+ACU(host)s mailing list memberships reminder'),
text.encode(enc, 'replace'), poplang)
+ACM Note that text must be encoded into 'enc' because unicode
+AEAAQA -228,11 +-230,7 +AEAAQA
msg+AFs'X-No-Archive'+AF0 +AD0 'yes'
del msg+AFs'auto-submitted'+AF0
msg+AFs'Auto-Submitted'+AF0 +AD0 'auto-generated'
- - +ACM We want to make this look like it's coming from the siteowner's
- - +ACM list, but we also want to be sure that the apparent host name is
- - +ACM the current virtual host. Look in CookHeaders.py for why this
- - +ACM trick works. Blarg.
- - msg.send(sitelist, +ACoAKgB7'errorsto': sitebounce,
+- msg.send(virtlist, +ACoAKgB7'errorsto': sitebounce,
'+AF8-nolist' : 1,
'verp' : mm+AF8-cfg.VERP+AF8-PASSWORD+AF8-REMINDERS,
+AH0)
-----BEGIN PGP SIGNATURE-----
iQIyBAEBCAAdFiEE3RmV4WutJ2KyCS2zPcxbabkKGJ8FAmTyNN0ACgkQPcxbabkK
GJ93Kg/49K27NUwr2K7LV69h+UgdzlBbr4tEiIFj/7pVcZGwWnSHaOpPDo40IUMl
pPt2KqRlnz6t0b8FnZbQljp8gVVDgWdkbrzY35PSStSzJ3K5z+c6GBfZx37mms9O
TROO8ztj95+hEjfjINW/MBtSABAyNbztnZAidNTYJ0SrVqVp8HifoRcN7SIg1uzC
EcftLs/jRs8ghC0pSyNcZd8Bjrym+2q37a8bJpQU06vqLNbrjgf+/vaxSu8HurdI
9Iw2+tYHeZ/PyiuqhAK2RBTgsqLv1zawv+khsGndpT6XbhKMJ91ySPMEWvkd8iyb
oL4kaYT0pfzXtjaex7Ezxi1qaMUZFZSFSIufkLYDEf31iRiBuuU3TAed6Lh+5UPF
nFlGHFzUYvaCOecycVToAx0QfqORGpcWdPs8k0dZOsjTTXAiTwhZU7IY1PxKuN34
shRXG5CL4Y1xc1Sn6ohGO4E1urhDATAqFHwSh39w/aKhI23d4udOZhivTKCk8zlb
7P3795tfA1XFKReXUNwoFnwq2cvSjbusDg5Q2epBsuntMS70ZvJ25wM4uY9Bzg0K
3PLlzmmRNFhUnLMDD450uaGtQmQCgfQtEXIIgPiEQtk0zol2O3Zzx/TW+QmqfrYX
81fegq1UhuyTkNRDqgWjskFd2zUYlW/0u5CLdGYtmTdn6lJ51Q==
=jjjM
-----END PGP SIGNATURE-----
More information about the NANOG
mailing list