[OSM-talk] Mailing list security

Colin Smale colin.smale at xs4all.nl
Sat Nov 25 11:55:26 UTC 2017


On 2017-11-25 11:53, Éric Gillet wrote: 

> This is non-ideal, but you were warned during your account creation that this password is to be considered non-secure : 
> 
>> You may enter a privacy password below. This provides only mild security, but should prevent others from messing with your subscription. Do not use a valuable password as it will occasionally be emailed back to you in cleartext.

Thanks Éric, I admit that "I was warned" but I still find it scandalous
in this day and age... It seems this shortcoming in mailman was fixed in
V3, released in 2014. I read here that V3 no longer stores
unencrypted/decryptable passwords: 

https://mail.python.org/pipermail/mailman-users/2014-July/077411.html 

Are we still running V2.1? 

//colin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/talk/attachments/20171125/f9d3774c/attachment-0001.html>


More information about the talk mailing list