About this blog…

I am employed by Netnod as head of engineering, research and development and am among other things chair of the Security and Stability Advisory Committee at ICANN. You can find CV and photos of me at this page.

As I wear so many hats, I find it being necessary to somewhere express my personal view on things. This is the location where that happens. Postings on this blog, or at Facebook, Twitter etc, falls under this policy.

The views expressed on this post are mine and do not necessarily reflect the views of Netnod or any other of the organisations I have connections to.

Mailman and HTTPS

So Frobbit! this last weekend started to use HTTPS “all over the place” thanks to Let’s Encrypt. The launch will be gradual because there are so many software packages that are completely broken in design, have bugs, errors, do not use proper libraries, tries to do things on their own, do not follow RFCs and what not.

One such package is Mailman (don’t even get me started on WordPress).

The important information can be found here.

Note that you must do the following if you have multiple virtual domains (as Frobbit! has):

# $prefix/bin/withlist -l -r fix_url listname -u list_web_domain

Because of this, when running hundreds of mailing lists in tons of domains, the following is what can make your day simpler (on Debian, adjust paths accordingly):

# for i in `grep unsubscribe /var/lib/mailman/data/virtual-mailman | awk '{ print $1 }'`; do
     echo $i
     A=`echo $i | sed 's/-unsubscribe.*$//'`
     B=`echo $i | sed 's/^.*@//'`
     withlist -l -r fix_url $A -u $B
  done

Comments are closed.