From mboxrd@z Thu Jan 1 00:00:00 1970 To: 9fans@cse.psu.edu From: Ralph Corderoy Message-ID: References: , <20020219015218.6770.qmail@g.bio.cse.psu.edu> Subject: Re: [9fans] Usenet Gateway and Mailing List Archive Woes. Date: Fri, 22 Feb 2002 09:58:22 +0000 Topicbox-Message-UUID: 53acc8aa-eaca-11e9-9e20-41e7f4b1d025 Hi Scott, > > Jon Snader made me aware that Rob had posted -mpm-related material. > > I read comp.os.plan9 and didn't see the post. Google Groups has it > > without the attachments. > > The funny thing about the message rob sent was that the attachment > was labeled as being of type message/rfc822, when in fact it was not. > This confused mh, and I wouldn't be surprised if other things were > confused too. Yes, you're right. That could well be what made some things drop the attachment and others, perhaps, the whole post. nmh here has problems, and I heard from Dennis Davis that trn+metamail doesn't like it either. It did reach Bakul Shah successfully on Usenet so it looks like the mail-to-Usenet gateway isn't the problem. His Path header was Path: typhoon.sonic.net!feed.news.sonic.net!unlnews.unl.edu!headwall .stanford.edu!newsfeed.stanford.edu!nntp.cs.ubc.ca!logbridge.uoregon .edu!server3.netnews.ja.net!south.jnrs.ja.net!server2.netnews.ja.net !bath.ac.uk!ccsis I'll ask my ISP if they got any sign of it and if so, why they didn't accept. > Because of that, I mirror the archives at > http://bio.cse.psu.edu/~schwartz/9fans/ Fantastic! I've made a note for future use. I see it's also in the FAQ along with the https site. (I already got the post privately from Jon Snader.) > > I suspect that the web server at lists.cse.psu.edu has been > > configured to not accept export-grade cryptography. > > It's configured to be retarded, that's all. > > See, like all broken software, Mailman relies on sending cleartext > passwords across the net. So you have to hide the cleartext in > cryptographic tunnels. But you don't *have* to because, in Mailman's case, it makes perfectly clear the password isn't meant to give any security, just stop a very casual attack. To re-inforce this it emails you your password, in plain text, once a month. So they've no good reason to hide it for web accesses AFAICS. Thanks for the reply, Ralph.