Implement security log.

1 files changed, 9 insertions, 0 deletions

diff --git a/NEWS b/NEWS
index e037982c..cb0dcc5d 100644
--- a/NEWS
+++ b/NEWS
@@ -30,6 +30,15 @@ Here is a history of user visible changes to Mailman.
       py2-ipaddress module is installed.  The module can be installed via pip
       if not included in your Python.
 
+    - Thanks to Jim Popovitch, Mailman has a new 'security' log and logs
+      authentication failures to the various web CGI functions.  The logged
+      data include the remote IP and can be used to automate blocking of IPs
+      with something like fail2ban.  Since Mailman 2.1.14, these have returned
+      an http 401 status and the information should be logged by the web
+      server, but this new log makes that more convenient.  Also, the
+      'mischief' log entries for 'hostile listname' noe include the remote IP
+      if available.
+
   i18n
 
     - The Japanese translation has been updated by Yasuhito FUTATSUKI.