[Owasp-board] Got another 50 Bounces today.
jim.manico at owasp.org
Thu Apr 5 16:15:57 UTC 2012
Just move to Google groups, IMO.
On Apr 5, 2012, at 10:03 AM, Matt Tesauro <matt.tesauro at owasp.org> wrote:
Resending from right account. Sorry for dupes.
On Thu, Apr 5, 2012 at 9:02 AM, Matt Tesauro <mtesauro at gmail.com> wrote:
> That list is not the only one. I can talk about what I think is going on
> during the board meeting.
> It looks like the message Fabio sent with the subject "[Owasp-ireland]
> OWASP Ireland Event - Slides now available " to djhuges at bigfoot.com and
> mail at mailrespository.com is in a mail loop. I can see a deferred request
> that is continuing to spool and get deferred. If possible, whoever is the
> admin for that list _should_ be able to kill that message or remove those
> addresses from that list. If they are legit, then you can manually add
> them back to the list but I'd wait a bit to allow the mail queue to clear.
> I can try and find time to see if I can remove it from the queue via the
> Mailman command line admin tools. However, I have no experience doing this
> and therefore no idea how long it will take if it is even possible.
> -- Matt Tesauro
> OWASP International Foundation Board Member and Treasurer
> OWASP WTE Project Lead
> http://AppSecLive.org - Community and Download site
> On Thu, Apr 5, 2012 at 8:51 AM, Eoin <eoin.keary at owasp.org> wrote:
>> Thanks Matt,
>> So why is the Ireland list getting 100's of bounce emails?
>> On 5 April 2012 14:48, Matt Tesauro <matt.tesauro at owasp.org> wrote:
>>> Currently we have a poorly documented Mailman 2.x setup without an
>>> assigned administrator.
>>> Mailman 2.x stores passwords in a reversible (e.g. clear text) fashion.
>>> So we can either:
>>> (1) Move to a different list management system/software
>>> (2) Create a patch for the 2.x branch of Mailman and patch our existing
>>> (3) Move to Mailman 3.x which is currently not the stable branch
>>> (4) Accept that Mailman has clear text passwords (it does say not to use
>>> an important password during signup)
>>> Each of these options will require some amount of work and we currently
>>> do not have an IT administrator for our systems. I've been trying to put
>>> out fires with Mailman but by no means understand the current configuration
>>> and my total time admin'ing Mailman is the couple of times I've tried to
>>> fix broken things or combat spam. If we as a board determine this is a
>>> large enough issue, someone will need to step up and manage whichever
>>> option is determined to be best.
>>> -- Matt Tesauro
>>> OWASP Board Member
>>> OWASP WTE Project Lead
>>> http://AppSecLive.org <http://appseclive.org/> - Community and Download
>>> On Thu, Apr 5, 2012 at 8:17 AM, Eoin <eoin.keary at owasp.org> wrote:
>>>> Password is also being sent in the clear.
>>>> What can we do??
>>>> Eoin Keary
>>>> BCC Risk Advisory
>>>> Owasp Global Board
>>>> +353 87 977 2988
>> Eoin Keary
>> OWASP Global Board Member (Vice Chair)
Owasp-board mailing list
Owasp-board at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-board