On Thu, Mar 24, 2016 at 10:39 AM, Ranti Junus <[log in to unmask]> wrote:
> Thank you, Eric, for the heads up and your guardianships...
> Mailman is easy to administer, but it has a huge caveat: when a user
> request a password (reminder, etc.), it sends it as an email in plain text.
However, this is no longer true in mailman 3 (if heavily-developed-alpha is
an okay answer); passwords are sha512-hashed and *maybe* also salted,
though the docs are sparse on that front.
Board of Directors, Library & Information Technology Association: