The mailing list for listmasters using Sympa

[Steve Shipway <address@concealed>]

>> By 'password approval for admin commands', do you mean asking for 
>> re-authentication by admins when they do a major command via the web?

> No. I mean allowing a password to be sent with the command. The extra 
> confirmation cycle is viewed as unnecessary hassle.

Send an unencrypted password in an email?  I know what our security team 
would say about that one if I ever let it happen!

However, this again depends on your environment, and where your civilians 
would be sending these password-laden emails from.  If all is internal, and 
your mail admins are also your list admins,  people never keep their 'sent' 
emails in places that might get compromised, and you're feeling confident 
that people will use a different password to their network login, then maybe 
it's OK for you.  I'd not want this on our system, though, so if it were ever 
implemented in Sympa I'd definitely want a way to disable it.

Steve

Steve Shipway
University of Auckland ITS
UNIX Systems Design Lead
address@concealed
Ph: +64 9 373 7599 ext 86487