[Owasp-board] Got another 50 Bounces today.
eoin.keary at owasp.org
Thu Apr 5 13:51:52 UTC 2012
So why is the Ireland list getting 100's of bounce emails?
On 5 April 2012 14:48, Matt Tesauro <matt.tesauro at owasp.org> wrote:
> Currently we have a poorly documented Mailman 2.x setup without an
> assigned administrator.
> Mailman 2.x stores passwords in a reversible (e.g. clear text) fashion.
> So we can either:
> (1) Move to a different list management system/software
> (2) Create a patch for the 2.x branch of Mailman and patch our existing
> (3) Move to Mailman 3.x which is currently not the stable branch
> (4) Accept that Mailman has clear text passwords (it does say not to use
> an important password during signup)
> Each of these options will require some amount of work and we currently do
> not have an IT administrator for our systems. I've been trying to put out
> fires with Mailman but by no means understand the current configuration and
> my total time admin'ing Mailman is the couple of times I've tried to fix
> broken things or combat spam. If we as a board determine this is a large
> enough issue, someone will need to step up and manage whichever option is
> determined to be best.
> -- Matt Tesauro
> OWASP Board Member
> OWASP WTE Project Lead
> http://AppSecLive.org <http://appseclive.org/> - Community and Download
> On Thu, Apr 5, 2012 at 8:17 AM, Eoin <eoin.keary at owasp.org> wrote:
>> Password is also being sent in the clear.
>> What can we do??
>> Eoin Keary
>> BCC Risk Advisory
>> Owasp Global Board
>> +353 87 977 2988
OWASP Global Board Member (Vice Chair)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-board