Title: Mailman Considered Beneficial
Author: Barry Warsaw
Author-email: barry@python.org
Links: links.h rant-links.h
<h3>Mailman Considered Beneficial</h3>
Jamie Zawinski posted an article in 2002 titled <a
href="http://www.jwz.org/doc/mailman.html">Mailman Considered
Harmful</a>. I know Jamie and respect him, but I respectfully
disagree with his assessment. You'd be worried if I didn't, eh?
<p>To give Jamie the benefit of the doubt, I believe he was reviewing
older versions of the Mailman software, where some of his complaints
may have been appropriate. Here is a rebuttal to his
article, based on
<a href="http://sourceforge.net/project/showfiles.php?group_id=103">the
latest stable release of Mailman 2.1</a>, unless otherwise specified.
<h4>Mailman is a pain in the ass for the end user.</h4>
Jamie must have reviewed a pre-2.0 version, because Mailman releases
since 2.0 have implemented the "sane" recipe. Indeed it would be
insane not to. I may be mad, but I'm not insane. In fact, in Mailman
2.1, there are several ways to get unsubscribed, any one of which will
work just fine:
<ul>
<li>Send a message to <em>list</em>-leave or <em>list</em>-unsubscribe and
reply to the confirmation message. It doesn't matter at all what
is in your original message.
<li>Mail "unsubscribe" to the <em>list</em>-request address and
reply to the confirmation message.
<li>Use a mail reader that understands the standard
<a href="http://www.faqs.org/rfcs/rfc2369.html">RFC 2369</a>
List-Unsubscribe header, then just click on that header and
reply to the confirmation message.
<li>Visit your <em>user's options page</em>, click on the
Unsubscribe button and reply to the confirmation message.
Note that with Mailman 2.1, mailing lists can be personalized,
which means the url to your options page can be included in
the footer of every message you get from the list (digests
currently excluded).
</ul>
What could be simpler?
<h4>Mailman's password mechanism provides zero security.</h4>
I disagree with Jamie about the utility of Mailman's passwords because
in general they do prevent malicious people from changing your
subscription options out from under you. But I will also concede that
he has a point about password management by naive users, so you should
know that it is trivial to disable monthly password reminders, either
on a list-wide basis or on a per-user basis.
<p>Monthly password reminders serve additional purposes though: they
remind you of lists you are on which you may have forgotten about,
they remind you about how to get unsubscribed from such lists, and
they offer an opportunity for lists to cull their membership of
non-functioning addresses. In Mailman 2.1, the monthly reminders can
be sent out with <a
href="http://cr.yp.to/proto/verp.txt">VERP</a>-like envelopes, Mailman
can unambiguously parse any bounces from dead addresses, and can use
this information to automatically disable or delete disappeared
members.
<p>When you subscribe to a mailing list, the password is completely
optional -- omit it and Mailman generates a random one for you. You
generally don't need to know your password except if you want to
change your delivery options, e.g. to temporarily disable delivery
while you're on vacation, or to switch to digest delivery, subscribe
to topics, etc. For simple membership management (subscribing and
unsubscribing), you never need to know it. The user options
<b>are</b> useful.
<h4>Web-based subscriptions</h4>
If all you care about is web-based subscriptions, then yes it's pretty
easy to set up a simple CGI to do this. It's just as easy to do with
Mailman as any other mailing list software. Note though, that
Mailman's web interface is much more sophisticated because you can do
nearly all the list configuration through the web. Okay, this is of
primary benefit for list owners rather than list members, and Jamie's
rant is focused on the member experience. Note though, that Mailman's
subscription page also gives the user the option of selecting a
default language (for multilingual lists) and their preferred delivery
mechanism (digests or regular delivery).