Friday, August 26, 2005

Working Around Mailman

Mailman is currently the most used mailinglist management software for free software, its used on basically all the different repositories (sourceforge, berlios, savannah, etc.), however its seriously flawed in many aspect, just have a look at Mailman Considered Harmfull for a quick overview. One of its most annoyings bugs is that it uses a password-only login for the admin page, this means that all admins have to share the same password and that browsers will have a hard time remembering the password, since the normal user/password recording mechanism isn't triggered, beside from that doesn't even seem to have a automatic way to retrieve the password. Anyway, after a bit of testing I finally found a way to work around the braindead login-page, thus making approving held posts a easy task, instead of an insanly complicated one. The workaround is quite easy, instead of using the Mailman login form, one simply builds an own login form. To do that one creates a empty .html file and inserts the following content:

<body onload="document.passwordform.submit()">
<FORM name="passwordform" METHOD=POST ACTION="">
<INPUT TYPE=password NAME=adminpw VALUE="xxxxxxxxxxx">
<INPUT TYPE=SUBMIT name="request_login" value="Let me in...">

The ACTION url then simply needs to be adopted to the one used in your mailing list and the VALUE needs to be set to the password for the mailinglist. Finally just save the file to some place on your harddisk and bookmark it. Voila, after a click on the bookmark you will be brought directly to the configuration page of mailman, no more password required. This little dirty trick might of course work for other forms too, just copy&paste them out of the original webpage, fill out the VALUE parameter and add on onload event.

No comments: