Carlos E. R. wrote:
On 2024-05-28 18:38, Atri Bhattacharya wrote:
David C. Rankin wrote:
I knew that spastic cat was nothing but trouble from day-one.
Not only was the interface horrid, but now it appears it was a supply-chain attack and spam-bot/backdoor all rolled into one. The old listserve/mailman starts looking pretty good at this point. Hyperkitty is free software maintained by the work of unpaid volunteers dedicated to the project. There is no back-door and no supply-chain attack. But I guess expecting you to understand that is reaching too far. Not a surprise why fewer and fewer devs read this
Seeing hard pejoratives used to demean specially-abled living beings casually thrown around on these lists is shocking but not surprising and reveals more about the quality of this ML than any spam. particular list. I know that some of the admins that installed mailman in our system repent from that decision and wouldn't repeat it.
Which is very different from saying what the previous poster said.
Hyperkitty has a security hole, which is allowing people that identify as google users to post here with just that authentication. This feature should be removed.
Agree, this could be a first step towards limiting spam. Btw, it is not just google users: any open-id provider can be used to register and start sending emails right away. Maybe we should implement a cool-off period (say, 30 days) before any new non-openSUSE open-id based user can post to the list. -- Atri