[Owasp-board] Got another 50 Bounces today.

Eoin eoin.keary at owasp.org
Thu Apr 5 13:51:52 UTC 2012


Thanks Matt,
So why is the Ireland list getting 100's of bounce emails?
Eoin




On 5 April 2012 14:48, Matt Tesauro <matt.tesauro at owasp.org> wrote:

> Currently we have a poorly documented Mailman 2.x setup without an
> assigned administrator.
>
> Mailman 2.x stores passwords in a reversible (e.g. clear text) fashion.
>  So we can either:
>
> (1) Move to a different list management system/software
> (2) Create a patch for the 2.x branch of Mailman and patch our existing
> installation
> (3) Move to Mailman 3.x which is currently not the stable branch
> (4) Accept that Mailman has clear text passwords (it does say not to use
> an important password during signup)
>
> Each of these options will require some amount of work and we currently do
> not have an IT administrator for our systems.  I've been trying to put out
> fires with Mailman but by no means understand the current configuration and
> my total time admin'ing Mailman is the couple of times I've tried to fix
> broken things or combat spam.  If we as a board determine this is a large
> enough issue, someone will need to step up and manage whichever option is
> determined to be best.
>
>  --
> -- Matt Tesauro
> OWASP Board Member
> OWASP WTE Project Lead
> http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project
> http://AppSecLive.org <http://appseclive.org/> - Community and Download
> site
>
>
>
> On Thu, Apr 5, 2012 at 8:17 AM, Eoin <eoin.keary at owasp.org> wrote:
>
>> Password is also being sent in the clear.
>> What can we do??
>>
>>
>> Eoin Keary
>> BCC Risk Advisory
>> Owasp Global Board
>> +353 87 977 2988
>>
>>
>


-- 
Eoin Keary
OWASP Global Board Member (Vice Chair)

https://twitter.com/EoinKeary
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20120405/a67b0400/attachment.html>


More information about the Owasp-board mailing list