Mailman on open-source hosting sites is a data jail
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
GNU Mailman |
New
|
Wishlist
|
Unassigned |
Bug Description
Mailman, as commonly deployed on open-source hosting sites such as gna.org and berlios.de and Savannah, is a data jail. There is no way for a mailing list administrator to download a snapshot of even just the list's addresses through the Web interface, let alone list options and other ancillary data..
This has very practical bad consequences. It means that project admins on these sites cannot do effective recovery planning against the possibility of a site outage, whether from spectacular causes like natural disaster or from more mundane ones like staff burnout and underfunding. I had my nose painfully rubbed in this problem over the weekend during a berlios.de site outage that I had reason to fear might be permanent; I thought I had irretrievably lost my email links to my developer group!
It is also philosophically wrong for Mailman, or any other component of an open-source hosting system, to be a data jail. I am not going to lecture about this, as I suspect the arguments should be blindingly obvious now that I have raised the point.
It should be possible to get a snapshot of the list metadata, and upload that snapshot into a fresh Mailman instance to losslessly recreate the list configuration. This feature should *not* assume that the list administrator has shell access to the Mailman host.
I Just filed a similar bug with the developers of Savane, and expect to do so against several other open-source hosting systems within the next few days. Data jailing creates significant vulnerabilities in our community infrastructure. As perhaps the most ubiquitous shared component of project-hosting systems, Mailman should set a good example for all.
See Mailman 3 :)