Amaya claims that it’s easier to put it all under SSL if the list management interface should be protected. I use the following options in /etc/mailman/mm_cfg.py to use SSL for list management, but plain HTTP for the archives:

DEFAULT_URL_PATTERN = 'https://%s/mailman/'
PUBLIC_ARCHIVE_URL = 'http://lists.madduck.net/pipermail/%(listname)s'
PRIVATE_ARCHIVE_URL = 'https://lists.madduck.net/mailman/private/%(listname)s'

Add to that some apache2 RewriteRule directives, and it’s enforced.

Update: someone pointed out the above only makes sense if I also set:

VERP_PASSWORD_REMINDERS       = 0

I do, of course, but I forgot to make the connection when posting the blog entry. Thanks!

Site content are copyright © Martin F. Krafft. Please see the imprint.
I shall not be held liable for offending content in pages linking to or linked from site, nor do I endorse their content unless I stated otherwise.