Comment 4 for bug 266170

OK, fix was in time for 2.1.6 for password reminder from web
interface only; monthly reminder has already been fixed.
Password retrieval by mail command is still not fixed. 8bit
password by mail command needs more study because the
request mail might be encoded (quoted or base64).

I would prefer restricting password characters within
ascii-printables because there is no cryptography in mailman
user passwords. You only get (steal) the config file to get
the plain text password. You don't have to run 'crack' to
guess the password from crypted passwd entry like in Unix.

In any event, next major version of mailman should be free
of user password.