Mailman - The GNU Mailing List Management System
Copyright (C) 1998,1999,2000,2001 by the Free Software Foundation, Inc.
59 Temple Place - Suite 330, Boston, MA 02111-1307, USA

Here is a history of user visible changes to Mailman.

2.0.10 (09-Apr-2002)

    - Closed another small race condition.

    - Add the RFC-2822 recommended Message-ID: header on internally
      generated outgoing messages.  Not all MTAs add this field if
      missing (read: Qmail).

2.0.9 (02-Apr-2002)

    - Closed a race condition which could, under rare circumstances,
      cause the occasional message to get lost.

    - HTML escape message excerpts and headers on the admindb page so
      JavaScript and other evil tags can't mess up the display.

    - Some additional Python 2.2 compatibility fixes.

    - Unlink the footer logos so as not to bug the python.org and
      gnu.org maintainers as much. :(

    - Fix a crash in the DSN bounce detection module, which could
      cause some bounce messages to remain in the queue.

    - Add the RFC-2822 mandated Date: header on internally generated
      outgoing messages.  Not all MTAs add this field if missing
      (read: Qmail).

2.0.8 (27-Nov-2001)

    Security fix release to prevent cross-site scripting exploits.
    See http://www.cert.org/advisories/CA-2000-02.html for a
    description of the general problem (not Mailman specific).

2.0.7 (09-Nov-2001)

    Security fixes:

    - Closed a hole in cookie management whereby some carefully
      crafted untrusted cookie data could crash Mailman if used with
      Python 1.5.2, or cause some unintended class constructors to be
      run on the server.

    - In the DSN.py bounce handler, a message that was DSN-like, but
      which was missing a "report-type" parameter could cause a
      non-deletable bounce message to crash Mailman forever, requiring
      manual intervention.

    Bug fixes:

    - Stray % signs in headers and footers could cause crashes.  Now
      they'll just cause an [INVALID HEADER] or [INVALID FOOTER]
      string to be added.

    - The mail->news gateway has been made more robust in the face of
      duplicate headers, and reserved headers that some news servers
      reject.  If the message is still rejected, it is saved in
      $prefix/nntp instead of discarded.

    - Hand-crafted invalid chunk number in membership management
      display could cause a traceback.

2.0.6 (25-Jul-2001)

    Security fix:

    - Fixed a potential security hole which could allow access to list
      administrative features by unauthorized users.  If there is an
      empty data/adm.pw file (the site password file), then any
      password will be accepted as the list administrative password.
      This exploit is caused by a common "bug" in the crypt() function
      suffered by several Unix distributions, including at least
      GNU/Linux and Solaris.  Given a salt string of length zero,
      crypt() always returns the empty string.

      In lieu of applying this patch, sites can run bin/mmsitepass and
      ensure that data/adm.pw is of length 2 or greater.

    Bug fixes:

    - Ensure that even if DEFAULT_URL is misconfigured in mm_cfg.py
      (i.e. is missing a trailing slash), it is always fixed upon list
      creation.

    - Check for administrivia holds before any other tests.

    - SF bugs fixed: 407666, 227694

    - Other miscellaneous buglets fixed.

2.0.5 (04-May-2001)

    Fix a lock stagnation problem that can result when the user hits
    the `stop' button on their browser during a write operation that
    can take a long time (e.g. hitting the membership management admin
    page).

2.0.4 (18-Apr-2001)

    Python 2.1 compatibility release.  There were a few questionable
    constructs and uses of deprecated modules that caused annoying
    warnings when used with Python 2.1.  This release quiets those
    warnings.

2.0.3 (12-Mar-2001)

    Bug fix release.  There was a small typo in 2.0.2 in ListAdmin.py
    for approving an already subscribed member (thanks Thomas!).
    Also, an update to the OpenWall security workaround
    (contrib/securelinux_fix.py) was included.  Thanks to Marc Merlin.

2.0.2 (03-Mar-2001)

    Security fix:

    - A fix for a potential privacy exploit where a clever list
      administrator could gain access to user passwords.  This doesn't
      allow them to do much more harm to the user then they normally
      could, but they still shouldn't have access to the passwords.

    Bug fixes:

    - In the admindb page, don't complain when approving a
      subscription of someone who's already on the list (SF bug
      #222409 - Thomas Wouters).

      Also, quote for HTML the Subject: text printed for held
      messages, otherwise messages with e.g. "Subject: </table>" could
      royally screw page formatting.

    - In Netscape.py bounce processor, don't bomb out on ill-formed
      messages (no semi-colon separating parameters), otherwise mail
      delivery could grind to a halt.  Bug reported by Kambiz
      Aghaiepour.

    - Docstring fix bin/newlist to remove mention of "immediate"
      argument (Thomas Wouters).

    - Fix for bin/update when PREFIX != VAR_PREFIX (SF bug #229794 --
      Thomas Wouters).

2.0.1 (03-Jan-2001)

    Bug fix release, namely fixes a buglet in bin/withlist affecting
    the -l and -r flags; also a problem that can cause qrunner to stop
    processing mail after disk-full events (SourceForge bug 127199).

2.0 final (21-Nov-2000)

    No changes from rc3.

2.0 release candidate 3 (16-Nov-2000)

    - By popular demand, Reply-To: munging policy is now to always
      override any Reply-To: header in the original message, if
      reply_goes_to_list is set to "This list" or "Explicit Address"

    - bin/newlist given -q/--quiet flag instead of the <immediate>
      positional argument

    - Hopefully last fix to DEFAULT_URL not ending in a slash
      sensitivity

    - 2.0rc2 buglets fixed:
        o newlist argument parsing
        o updating with unlocked lists
        o HyperArch.py traceback when there's no
          Content-Transfer-Encoding: header

    - SourceForge bugs fixed:
        122358 (qmail-to-mailman.py listname case folding)

    - SourceForge patches applied:
        102373 (qmail-to-mailman.py listname case folding)

2.0 release candidate 2 (10-Nov-2000)

    - Documentation updates: start at admin/www/index.html

    - bin/withlist accepts additional command line arguments when used
      with the --run flag; bin/mmsitepass and bin/newlist accept
      -h/--help flags

    - bin/newlist has a -o/--output flag to append /etc/aliases
      suggestions to a specified file

    - SourceForge bugs fixed:
        116615 (README.BSD update), 117015 (duplicate messages on
        moderated posts), 117548 (exception in HyperArch.py), 117682
        (typos), 121185 (vsnprintf signature), 121591 and 122017
        (bogus link after web unsubscribe), 121811 (`subscribe' in
        Subject: doesn't get archived)

    - SourceForge patches applied:
        101812 (securelinux_fix.py contrib), 102097 (fix for bug
        117548), 102211 (additional args for withlist), 102268 (case
        insensitive Content-Transfer-Encoding:)

2.0 release candidate 1 (23-Oct-2000)

    - Bug fixes and security patches.

    - Better html rendition of articles in non us-ascii charsets
      (Jeremy Hylton).  See VERBATIM_ENCODING variable in
      Defaults.py.in for customization.

2.0 beta 6 (22-Sep-2000)

    - Building
        o Tested with Python 1.5.2, Python 1.6, and Python 2.0 beta 1.
          Conducted on RH Linux 6.1 only, but should work
          cross-platform.

        o Configure now accepts --with-username, --with-groupname,
          --with-var-prefix flags.  See `configure --help' or the
          INSTALL file for details.

        o Setting the CFLAGS environment variable before invoking
          configure now works.

        o The icons are now copied into $prefix/icons at install time.
          Patch by David Champion.

    - Standards
        o Compliance with RFC 2369 (List-*: headers).  Patch by
          Darrell Fuhriman.  List-ID: header is kept for historical
          reasons.

        o Fixes by Jeremy Hylton to Pipermail in support of non-ASCII
          charsets, based on the Content-Type: and encoded-words in
          the original message.  Mail headers are now decoded as per
          RFC 2047.

        o Many more bounce formats are detected: Microsoft's SMTPSVC,
          Compuserve, GroupWise, SMTP32, and the more generic
          SimpleMatch (which catches lots of similar but slightly
          different formats).

    - Defaults
        o Email addresses can now be obscured in Pipermail archives by
          setting mm_cfg.ARCHIVER_OBSCURES_EMAILADDRS to 1 (obscuring
          is turned off by default).  Patch provided by Chris Snell.

        o The default NNTP host can now be set by editing
          mm_cfg.DEFAULT_NNTP_HOST.  Patch by David Champion.

        o The default archiving mode (public/private) can now be set
          by editing mm_cfg.DEFAULT_ARCHIVE.  Patch by Ted Cabeen.

    - Web UI
        o The variable details pages in the administrators interface
          is now `live', i.e. there's a submit button on the details
          page.

        o A link to the administrative interface is placed in the
          footer of the general user pages (authentication still
          required, of course!)

        o The user options change results page has a link back to the
          user's main page.

        o In the admindb page (for dealing with held postings), the
          default forward address is now listname-owner instead of
          listname-admin.  This avoids bounce detection on the
          forwarded message.

    - Miscellaneous
        o Fixed config.db corruption problem when disk-full errors are
          encountered.

        o Command line scripts accept list names case-insensitively.

        o bin/remove_members takes a -a flag to remove all members of
          a list in one fell swoop.

        o List admin passwords must be non-empty.

        o Mailman generated passwords are slightly more mnemonic, and
          shouldn't have confusing character selections (i.e. `i'
          only, but no `1' or `l').

        o Crossposting to two gated mailing lists should be fixed.

        o Many other bug fixes and minor web UI improvements.

2.0 beta 5 (01-Aug-2000)

    - Bug fix release.  This includes a fix for a small security hole
      which could be exploited to gain mailman group access by a local
      user (not a mail or web user).

    - As part of the fix for the "cookie reauthorization" bug, only
      session cookies are used now.  This means that administrative
      and private archive cookies expire only when the browser session
      is quit, however an explicit "Logout" button has been added.

2.0 beta 4 (06-Jul-2000)

    - Bug fix release.

2.0 beta 3 (29-Jun-2000)

    - Delivery mechanism (qrunner) refined to support immediate
      queuing, queuing directly from MTA, and queuing on any error
      along the delivery pipeline.  This means 1) that huge lists
      can't time out the MTA's program delivery channel; 2) it is much
      harder to completely lose messages; 3) eventually, qrunner will
      be elaborated to meter delivery to the MTA so as not to swamp
      it.  The tradeoff is in more disk I/O since every message coming
      into the system (and most that are generated by the system) live
      on disk for some part of their journey through Mailman.

      For now, see the Default.py variables QRUNNER_PROCESS_LIFETIME
      and QRUNNER_MAX_MESSAGES for primitive resource management.

      The API to the pipeline handler modules has changed.  See
      Mailman/Handlers/HandlerAPI.py for details.

    - Revamped admindb web page: held messages are split into headers
      and bodies so they are easier to vette; admins can now also
      preserve a held message (for spam evidence gathering) or forward
      the message to a specified email address; disposition of held
      messages can be deferred; held messages have a more context
      meaningful default rejection message.

    - Change to the semantics for `acceptable_aliases' list
      configuration variable, based on suggestions by Harald Meland.

    - New mm_cfg.py variables NNTP_USERNAME and NNTP_PASSWORD can be
      set on a site-wide basis if connection to your nntpd requires
      authentication.

    - The list attribute `num_spawns' has been removed.  The mm_cfg.py
      variables MAX_SPAWNS, and DEFAULT_NUM_SPAWNS removed too.

    - LIST_LOCK_LIFETIME cranked to 5 hours and LIST_LOCK_TIMEOUT
      shortened to 10 seconds.  QRUNNER_LOCK_LIFETIME cranked up to 10
      hours.  This should decrease the changes for bogus and harmful
      lock breaking.

    - Resent-to: is now one of the headers checked for explicit
      destinations.

    - Tons more bounce formats are recognized.  The API to the bounce
      modules has changed.

    - A rewritten LockFile module which should fix most (hopefully all)
      bugs in the locking machinery.  Many improvements suggested by
      Thomas Wouters and Harald Meland.

    - Experimental support (disabled by default) for delivering SMTP
      chunks to the MTA via multiple threads.  Your Python executable
      must have been compiled with thread support enabled, and you
      must set MAX_DELIVERY_THREADS in mm_cfg.py.  Note that this may
      not improve your overall system performance.

    - Some changes and additions to scripts: bin/find_member now
      supports a -w/--owner flag to match regexps against mailing list
      owners; bin/find_member now supports multiple regexps;
      cron/gate_news command line option changes; new script
      bin/dumbdb for debugging purposes; bin/clone_member can now also
      remove the old address and change change the list owner
      addresses.

    - The News/Mail gateway admin page has a button that lets you do
      an explicit catchup of the newsgroup.

    - The CVS repository has been moved out to SourceForge.  For more
      information, see the project summary at

      http://sourceforge.net/project/?group_id=103

    - Lots 'o bug fixes and some performance improvements.

2.0 beta 2 (07-Apr-2000)

    - Rewritten gate_news cron script which should be more efficient
      and avoid race and locking problems.  Each list now maintains
      its own watermark, and when you use the admin CGI script to turn
      on gating from Usenet->mail, an automatic mass catch up is done
      to avoid flooding the mailing list.  cron/gate_news's command
      line interface has also changed.  See its docstring for
      details.

    - A new cron script called qrunner has been added to retry message
      deliveries that fail because of temporary smtpd problems.

    - New command line script called bin/list_lists which does exactly
      that: lists all the mailing lists on the system (much like the
      listinfo CGI does).

    - bin/withlist is now directly executable, however if you want to
      use python -i, you must still explicitly invoke it.
      bin/withlist also now cleans up after itself by unlocking any
      locked lists.  It does NOT save any dirty lists though - you
      must do this explicitly.

    - $prefix permissions (and all subdirs) must now be 02775.
      bin/check_perms has been updated to fix all the subdir
      permissions.

    - "make update" (a.k.a. bin/update) is run automatically when you
      do a "make install"

    - The CGI driver script now puts information about the Python
      environment into the logs/error file (but not the diagnostic web
      page).

    - Bug fixes and some performance improvements

2.0 beta 1 (19-Mar-2000)

    - Python 1.5.2 (or newer) is now required.

    - A new bundled auto-responder has been added.  You can now
      configure an autoresponse text for each list's primary
      addresses:

        listname@yourhost.com -- the general posting address
        listname-request@...  -- the automated "request bot" address
        listname-admin@...    -- the human administrator address

    - The standard UI now includes three logos at the bottom of the
      page: Dragon's Mailman logo, the Python Powered logo, and the
      GNU logo.  All point to their respective home pages.

    - It is now possible to set the Reply-To: field on lists to an
      arbitrary address.  NOTE: Reply-To: munging is generally
      considered harmful!  However for some read-only lists, it is
      useful to direct replies to a parallel discussion list.

    - There is a new message delivery architecture which uses a
      pipeline processor for incoming and internally generated
      messages.  Mailman no longer contains a bundled bulk-mailer;
      instead message delivery is handled completely by the MTA.  Most
      MTAs give a high enough priority to connections from the
      localhost that mail will not be lost because of system load, but
      this is not guaranteed (or handled) by Mailman currently.  Be
      careful also if your smtpd is on a different host than the
      Mailman host.  In practice, mail lossage has not be observed.

      For this reason cron/run_queue is no longer needed (see the
      UPGRADING file for details).

      Also, you can choose whether you want direct smtp delivery, or
      delivery via the command line to a sendmail-compatible daemon.
      You can also easily add your own delivery module.  See
      Mailman/Defaults.py for details.

    - A similar pipeline architecture for the parsing of bounce
      messages has been added.  Most common bounce formats are now
      handled, including Qmail, Postfix, and DSN.  It is now much
      easier to add new bounce detectors.

    - The approval pending architecture has also been revamped.
      Subscription requests and message posts waiting for admin
      approval are no longer kept in the config.db file, but in a
      separate requests.db file instead.

    - Finally made consistent the use of Sender:/From:/From_ in the
      matching of headers for such things as member-post-only.  Now,
      if USE_ENVELOPE_SENDER is true, Sender: will always be chosen
      over From:, however the default has been changed to
      USE_ENVELOPE_SENDER false so that From: is always chosen over
      Sender:.  In both cases, if no header is found, From_ (i.e. the
      envelope sender is used).  Note that the variable is now
      misnamed!  Most people want From: matching anyway and any are
      easily spoofable.

    - New scripts bin/move_list, bin/config_list

    - cron/upvolumes_yearly, cron/upvolumes_monthly, cron/archive,
      cron/run_queue all removed.  Edit your crontab if you used these
      scripts.  Other scripts removed: contact_transport, deliver,
      dumb_deliver.

    - Several web UI improvements, especially in the admin page.

    - Remove X-pmrqc: headers to prevent return reciepts for Pegasus
      mail users.

    - Security patch when using external archivers.

    - Honor "X-Archive: No" header by not putting this message in the
      archive.

    - Changes to the log file format.

    - The usual bug fixes.

1.1 (05-Nov-1999)

    - All GIFs removed.  See http://www.gnu.org/philosophy/gif.html
      for the reason why.

    - Improvements to the Pipermail archiver which make things faster.
      Primary change is that the .txt files are not gzipped on every
      posted message.  Instead, use the new cron script `nightly_gzip'
      to gzip the .txt file in batches (this means that the .txt file
      will lag behind the on-line archives a little).

    - From the C drivers programs, Python is invoked with the -S
      option.  This tells Python to avoid importing the site module,
      which can improve start up time of the Python process
      considerably.  Note that the command line script invocation has
      not been changed.

    - New configuration variables PUBLIC_EXTERNAL_ARCHIVER and
      PRIVATE_EXTERNAL_ARCHIVER which can contain a shell command
      string for os.popen().  This can be used to invoke an external
      archiver instead of the bundled Pipermail archiver.  See
      Defaults.py for details.

    - new script `bin/find_member' which can be used to search for a
      member by regular expression.

    - More child processes are reaped, which should eliminate most
      occurrences of zombie processes.

    - A few small miscellaneous bug fixes (including PR#99, PR#107)
      and improvements to the file locking algorithms.

1.0 (30-Jul-1999)

    - Configure script now allows $PREFIX (by default /home/mailman)
      to be permissions 02755.  Also, configure now tests for
      vsnprintf()

    - Workaround, taken from GNU screen, for systems missing
      vsnprintf()

    - Return-Receipt-To: and Disposition-Notification-To: headers are
      always removed from posted messages (they can be used to troll
      for list membership).

    - Workaround for MSIE4.01 (and possibly other versions) bug in the
      handling of cookies.

    - A small collection of other bug fixes.

1.0rc3 (10-Jul-1999)

    - new script bin/check_perms which checks (and optionally fixes)
      the permissions and group ownerships of the files in your
      Mailman installation.

    - Removed a bottleneck in the archiving code that was causing
      performance problems on highly loaded servers.

    - The code that saves a list's state and configuration database
      has been made more robust.

    - Additional exception handlers have been added in several places
      to alleviate problems with Mailman bombing out when it really
      would be better to print/log a helpful message.

    - The "password" mail command will now mail back the sender's
      subscription password when given with no arguments.

    - The embarrassing subject-prefixing bug present in rc2 has been
      fixed.

    - A small (but nice :) collection of other squashed bugs.

1.0rc2 (14-Jun-1999)

    - A security flaw in the CGI cookie mechanisms was discovered --
      the Mailman-issued cookies were easily spoofable, implying that
      e.g. admin access to all Mailman lists via the web interface
      could be compromised.  This flaw has now been fixed.

    - Handling of SMTP errors has been improved.

    - Both "Mass Subscription" via web admin interface and
      bin/add_members have been greatly sped up.

    - autoconf check for syslog has been revamped, and is now verified
      to work on SCO OpenServer 5.  If syslog can't be found, the C
      wrappers will compile, but without any syslog calls.

    - Various other bug fixes.

1.0rc1 (04-May-1999)

    - There is a new Mailman logo, contributed by The Dragon De
      Monsyne.  Please read the INSTALL file for information about
      installing the logo in a place your Web server can find it.

    - USE_ENVELOPE_SENDER is now set to 0 by default.  Turning this on
      caused problems for too many users; lists restricted to
      member-only posts were not matching the addresses correctly.

    - A revamped bin/withlist to be a little more useful.

    - A revamped cron/mailpasswds which groups users by virtual hosts.

    - The usual assortment of bug fixes.

1.0b11 (03-Apr-1999)

    - Bug fixes and improvements for case preservation of subscribed
      addresses.  The DATA_FILE_VERSION has been bumped to 14.

    - New script bin/withlist, useful for interactive debugging.

1.0b10 (26-Mar-1999)

    - New script bin/sync_members which can be used to synchronize a
      list's membership against a flat (e.g. sendmail :include: style)
      file.

    - bin/add_members and bin/remove_members now accept addresses on
      the command line with `-' as the value for the -d and -n
      options.

    - Added variable USE_ENVELOPE_SENDER to Defaults.py for site-wide
      configuration of address matching scheme.  With this variable
      set to true, the envelope sender (e.g. Unix "From_" header) is
      used to match addresses, otherwise the From: header is used.
      Envelope sender matching seems not to work on many systems.
      This variable is currently defaulted to 1, but may change to 0
      for the final release.

    - Reorganization of the membership management admin page.  Also
      member addresses are linked to their options page.  Only the
      `General' category has the admin password change form.

    - Major reorganization of email command handling and responses.
      `notmetoo' is the preferred email command instead of `norcv',
      although the latter is still accepted as an argument.  If more
      than 5 errors are found in the message, command processing is
      halted.

    - User options page now shows the user their case-preserved
      subscribed address as well.

    - The usual assortment of bug fixes.

1.0b9 (01-Mar-1999)

    - New bin scripts: clone_member, list_members, add_members (a
      consolidation of convertlist and populate_new_list which have
      been removed).

    - Two new readmes have been added: README.LINUX and README.QMAIL

    - New configure option --with-cgi-ext which can be used if your
      Web server requires extensions on CGI scripts.  The extension
      must include a dot (e.g. --with-cgi-ext=".cgi").

    - Many bug fixes, including the setgid problem that was causing
      mail to be lost on some versions of Linux.

1.0b8 (14-Jan-1999)

     - Bug fixes and workarounds for certain Linuxes.

     - Illegal addresses are no longer allowed to be subscribed, from
       any interface.

1.0b7 (31-Dec-1998)

     - Many, many bug fixes.  Some performance improvements for large
       lists.  Some improvements in the Web interfaces.  Some security
       improvements.  Improved compatibility with Python 1.5.

     - bin/convert_list and bin/populate_new_list have been replaced
       by bin/add_members.

     - Admins can now get notification on subscriptions and
       unsubscriptions.  Posts are now logged.

     - The username portion of email addresses are now case-preserved
       for delivery purposes.  All other address comparisions are
       case-insensitive.

     - New default SMTP_MAX_RCPTS that limits the number of "RCPT TO"
       SMTP commands that can be given for a single message.  Most
       MTAs have some hard limit.

     - "Precedence: bulk" header and "List-id:" header are now added
       to all outgoing messages.  The latter is not added if the
       message already has a "List-id:" header.  See RFC 2046 and
       draft-chandhok-listid-02 for details.

     - The standard (as of Python 1.5.2) smtplib.py is now used.

     - The install process now compiles all the .py files in the
       installation.

     - Versions of the Mailman papers given at IPC7 and LISA-98 are
       now included.

1.0b6 (07-Nov-1998)

     - Archiving is (finally) back in.

     - Administrivia filter added.

     - Mail queue mechanism revamped with better concurrency control.

     - For recipients that have estmp MTAs, set delivery notification
       status so that only delivery failure notices are sent out,
       inhibiting 4 hour and N day warning notices.

     - Now expire old unconfirmed subscription requests, rather than
       keeping them forever.

     - Added proposed standard List-Id: header, and our own
       X-MailmanVersion header.

     - Prevent havoc from attempts to subscribe a list to itself.  (!)

     - Refine mail command processing to prevent loops.

     - Pending subscription DB redone with better locking and cleaner 
       interface. 

     - posters functionality expanded.

     - Subscription policy more flexible, sensible, and
       site-configurable.

     - Various and sundry bug fixes.

1.0b5 (27-Jul-1998)

    - New file locking that should be portable and work w/ NFS.

    - Better use of packages.

    - Better error logging and reporting.

    - Less startup overhead.

    - Various and sundry bug fixes.


1.0b4 (03-Jun-1998)
 
    - A configure script for easy installation (Barry Warsaw)

    - The ability to install Mailman to locations other than
      /home/mailman (Barry Warsaw)

    - Use cookies on the admin pages (also hides admin pages from
      others) (Scott Cotton)

    - Subscription requests send a request for confirmation, which may
      be done by simply replying to the message (Scott Cotton)

    - Facilities for gating mail to a newsgroup, and for gating a
      newsgroup to a mailing list (John Viega)

    - Contact the SMTP port instead of calling sendmail (primarily for
      portability) (John Viega)

    - Changed all links on web pages to relative links where appropriate.
      (John Viega)

    - Use MD5 if crypt is not available (John Viega)

    - Lots of fixing up of bounce handling (Ken Manheimer)

    - General UI polishing (Ken Manheimer)

    - mm_html: Make it prominent when the user's delivery is disabled
      on his option page. (Ken Manheimer)

    - mallist:DeleteMember() Delete the option setings if any. (Ken
      Manheimer)

1.0b3 (03-May-1998)

    - mm_message:Deliverer.DeliverToList() added missing newline
      between the headers and message body.  Without it, any sequence
      of initial body lines that _looked_ like headers ("Sir: Please
      excuse my impertinence, but") got treated like headers.

    - Fixed typo which broke subscription acknowledgement message
      (thanks to janne sinkonen for pointing this out promptly after
      release).  (Anyone who applied my intermediate patch will
      probably see this one trigger patch'es reversed-patch
      detector...)

    - Fixed cgi-wrapper.c so it doesn't segfault when invoked with
      improper uid or gid, and generally wrappers are cleaned up a
      bit.

    - Prevented delivery-failure notices for misdirected subscribe-
      confirmation requests from bouncing back to the -request addr,
      and then being treated as failing requests.

      Implemented two measures.  Set the reply-to for the
      confirmation- request to the -request addr, and the sender to be
      the list admin.  This way, bounces go to list admin instead of
      to -request addr.  (Using the errors-to header wasn't
      sufficient.  Thanks, barry, for pointing out the use of sender
      here.)  Second, ignore any mailcommands coming from postmaster
      or non-login system type accounts (mailer-daemon, daemon,
      postoffice, etc.)

    - Reenabled admin setting of web_page_url - crucial for having
      lists use alternate names of a host that occupies multiple
      addresses.

    - Fixed and refined admin-options help mechanism.  Top-level visit
      to general-category (where the "general" isn't in the URL) was
      broken.  New help presentation shows the same row that shows on
      the actual options page.

    - cron/crontab.in crontab template had wrong name for senddigests.

    - Default digest format setting, as distributed, is now non-MIME,
      on urging of reasoned voices asserting that there are still
      enough bad MIME implementations in the world to be a nuisance to
      too many users if MIME is the default.  Sigh.

    - MIME digests now preserve the structure of MIME postings,
      keeping attachments as attachments, etc.  They also are more
      structured in general.

    - Added README instructions explaining how to determine the right
      UID and GID settings for the wrapper executables, and improved
      some of the explanations about exploratory interaction
      w/mailman.

    - Removed the constraint that subscribers have their domain
      included in a static list in the code.  We might want to
      eventually reincorporate the check for the sake of a warning
      message, to give a heads up to the subscriber, but try delivery
      anyway...

    - Added missing titles to error docs.

    - Improved several help details, including particularly explaining
      better how real_name setting is used.

    - Strengthened admonition against setting reply_goes_to_list.

    - Added X-BeenThere header to postings for the sake of prevention
      of external mail loops.

    - Improved handling of bounced messages to better recognize
      members address, and prevent duplicate attempts to react (which
      could cause superfluous notices to administrator).

    - Added __delitem__ method to mm_message.OutgoingMessage, to fix
      the intermediate patch posted just before this one.

    - Using keyword substitution format for more message text (ie,
      "substituting %(such)s into text" % {'such': "something"}) to
      make the substitutions less fragile and, presumably, easier to
      debug.

    - Removed hardwired (and failure-prone) /tmp file logging from
      answer.majordomo_mail, and generally spiffed up following janne
      sinkkonen's lead.
   
1.0b2 (13-Apr-1998)
1.0b1 (09-Apr-1998)

  Web pages much more polished 
   - Better organized, text more finely crafted
   - Easier, more refined layout
   - List info and admin interface overviews, enumerate all public lists
     (via, e.g., http://www.python.org/mailman/listinfo - sans the
     specific list)
   - Admin interface broken into sections, with help elaboration for
     complicated configuration options

  Mailing List Archives
   - Integrated with a newer, *much* improved, external pipermail - to be
     found at http://starship.skyport.net/crew/amk/maintained/pipermail.html
   - Private archives protected with mailing list members passwords,
     cookie-fied.

  Spam prevention
   - New spam prevention measures catch most if not all spam without
     operator intervention or general constraints on who can post to
     list:
       require_explicit_destination option imposes hold of any postings
       that do not have the list name in any of the to or cc header
       destination addresses.  This catches the vast majority of random
       spam.
     Other options (forbidden_posters, bounce_matching_headers) provide
     for filtering of known transgressors.
   - Option obscure_addresses (default on) causes mailing list subscriber
     lists on the web to be slightly mangled so they're not directly
     recognizable as email address by web spiders, which might be
     seeking targets for spammers.

  Site configuration arrangement organized - in mailman/mailman/modules:
   - When installing, create a mailman/modules/mm_cfg.py (if there's not 
     one already there), using mm_cfg.py.dist as a template.
     mm_default.py contains the distributed defaults, including
     descriptions of the values.  mm_cfg.py does a 'from mm_defaults.py
     import *' to get the distributed defaults.  Include settings in
     mm_cfg.py for any values in mm_defaults.py that need to be
     customized for your site, after the 'from .. import *'.
   See mm_cfg.py.dist for more details.

  Logging
   - Major operations (subscription, admin approval, bounce,
     digestification, cgi script failure tracebacks) logged in files
     using a reliable mechanism
   - Wrapper executables log authentication complaints via syslog

  Wrappers
   - All cgi-script wrapper executables combined in a single source,
     easier to configure.  (Mail and aliases wrappers separate.)

  List structure version migration
   - Provision for automatic update of list structures when moving to a
     new version of the system.  See modules/versions.py.

  Code cleaning
   - Many more module docstrings, __version__ settings, more function
     docstrings.
   - Most unqualified exception catches have been replaced with more
     finely targeted catches, to avoid concealing bugs.
   - Lotsa long lines wrapped (pet peeve:).

  Random details (not complete, sorry):
   - make archival frequency a list option
   - Option for daily digest dispatch, in addition to size threshhold
   - make sure users only get one periodic password notifcation message for
     all the lists they're on (repaired 1.0b1.1 varying-case mistake)
   - Fix rmlist sans-argument bug causing deletion of all lists!
   - doubled generated random passwords to four letters
   - Cleaned lots and lots of notices
   - Lots and lots of html page cleanup, including table-of-contents, etc
   - Admin options sections - don't do the "if so" if the ensuing list
     is empty
   - Prevent list subject-prefix cascade
   - Sources under CVS
   - Various spam filters - implicit-destination, header-field
   - Adjusted permissions for group access
   - Prevent redundant subscription from redundant vetted requests
   - Instituted centralize, robustish logging
   - Wrapper sources use syslog for logging (john viega)
   - Sorting of users done on presentation, not in list.
   - Edit options - give an error for non-existent users, not an options page.
   - Bounce handling - offer 'disable' option, instead of remove, and
     never remove without notifying admin
   - Moved subscribers off of listinfo (and made private lists visible
     modulo authentication) 
   - Parameterize default digest headers and footers and create some
   - Put titles on cgi result pages that do not get titles (all?)
   - Option for immediate admin notifcation via email of pending
     requests, as well as periodic 
   - Admin options web-page help
   - Enabled grouped and cascading lists despite implicit-name constraint
   - Changed subscribers list so it has its own script (roster)
   - Welcome pages: http://www.python.org/mailman/{admin,listinfo}/

0.95 (25-Jan-1997)
  - Fixed a bug in sending out digests added when adding disable mime option.
  - Added an option to not notify about bounced posts.
  - Added hook for pre-posting filters.  These could be used to
    auto-strip signatures.  I'm using the feature to auto-strip footers
    that are auto-generated by mail received from another mailing list.

0.94 (22-Jan-1997)
  - Made admin password work ubiquitously in place of a user password.
  - Added an interface for getting / setting user options.
  - Added user option to disable mime digests (digested people only)
  - Added user option to not receive your own posts (nondigested people only)
  - Added user option to ack posts
  - Added user option to disable list delivery to their box.
  - Added web interface to user options
  - Config number of sendmail spawns on a per-list basis
  - Fixed extra space at beginning of each message in digests...
  - Handled comma separated emails in bounce messages...
  - Added a FindUser() function to MailList.  Used it where appropriate.
  - Added mail interface to setting list options.
  - Added name links to the templates options page
  - Added an option so people can hide their names from the subscription list.
  - Added an answer_majordomo_mail script for people switching...

0.93 (18/20-Jan-1997)
  -  When delivering to list, don't call sendmail directly.  Write to a file,
     and then run the new deliver script, which forks and exits in the parent
     immediately to avoid hanging when delivering mail for large lists, so that
     large lists don't spend a lot of time locked.
  -  GetSender() no longer assumes that you don't have an owner-xxx address.
  -  Fixed unsubscribing via mail.
  -  Made subscribe via mail generate a password if you don't supply one.  
  -  Added an option to clobber the date in the archives to the date the list
     resent the post, so that the archive doesn't get mail from people sending
      bad dates clumped up at the beginning or end.
  -  Added automatic error message processing as an option.  Currently
     logging to /tmp/bounce.log 
  -  Changed archive to take a list as an argument, (the old way was broken)
  -  Remove (ignore) spaces in email addresses
  -  Allow user passwords to be case insensitive.
  -  Removed the cleanup script since it was now redundant.
  -  Fixed archives if there were no archives.
  -  Added a Lock() call to Load() and Create().  This fixes the
     problem of loading then locking. 
  -  Removed all occurances of Lock() except for the ones in mailing
     list since creating a list 
     now implicitly locks it. 
  -  Quote single periods in message text.
  - Made bounce system handle digest users fairly.

0.92 (13/16-Jan-1997)
  -  Added Lock and Unlock methods to list to ensure each operation is atomic
  -  Added a cmd that rms all files of a mailing list (but not the aliases)
  -  Fixed subscribing an unknown user@localhost (confirm this)
  -  Changed the sender to list-admin@... to ensure we avoid mail loops.
  -  check to make sure there are msgs to archive before calling pipermail.
  -  started using this w/ real mailing lists.
  -  Added a cron script that scours the maillog for User/Host unknown errs
  -  Sort membership lists
  -  Always display digest_is_default option
  -  Don't slam the TO list unless you're sending a digest.
  -  When making digest summaries, if missing sender name, use their email.
  -  Hacked in some protection against crappy dates in pipermail.py
  -  Made it so archive/digest volumes can go up monthly for large large lists.
  -  Number digest messages
  -  Add headers/footers to each message in digest for braindead mailers
  -  I removed some forgotten debug statements that caused server errors
         when a CGI script sent mail.
  -  Removed loose_matches flag, since everything used it.
  -  Fixed a problem in pipermail if there was no From line.
  -  In upvolume_ scripts, remove INDEX files as we leave a volume.
  -  Threw a couple of scripts in bin for generating archives from majordomo's
     digest-archives.  I wouldn't recommend them for the layman, though, they
     were meant to do a job quickly, not to be usable.

0.91 (23-Dec-1996)
  -  broke code into mixins for managability
  -  tag parsing instead of lots of gsubs
  -  tweaked pipermail (see comments on pipermail header)
  -  templates are now on a per-list basis as intended.
  -  request over web that your password be emailed to you.
  -  option so that web subscriptions require email confirmation. 
  -  wrote a first pass at an admin interface to configurable variables.
  -  made digests mime-compliant.
  -  added a FakeFile class that simulates enough of a file object on a
	string of text to fool rfc822.Message in non-seek mode.
  -  changed OutgoingMessage not to require its args in constructor.
  -  added an admin request DB interface.
  -  clearly separated the internal name from the real name.
  -  replaced lots of ugly, redundant code w/ nice code.  
	(added Get...Email() interfaces, GetScriptURL, etc...)
  -  Wrote a lot of pretty html formatting functions / classes. 
  -  Fleshed out the newlist command a lot.  It now mails the new list 
	admin, and auto-updates the aliases file.  
  -  Made multiple owners acceptable.
  -  Non-advertised lists, closed lists, max header length, max msg length
  -  Allowed editing templates from list admin pages.
  -  You can get to your info page from the web even if the list is closed.


Local Variables:
mode: indented-text
indent-tabs-mode: nil
End:
