Opened 16 months ago

Last modified 16 months ago

#12660 assigned Question/How do I...?

Exporting email list members including the names and not just the emails

Reported by: https://id.mayfirst.org/peoplesvoice Owned by: https://id.mayfirst.org/jaimev
Priority: Medium Component: Tech
Keywords: mailman Cc: https://id.mayfirst.org/jamie, https://id.mayfirst.org/dkg
Sensitive: no

Description

I would like to be able to regularly update a backup of my organization's email list. It is easy to see the list of just the emails. But I have been looking on the internet for hours trying to find out how to do it to include member's names. I don't like the "who/password" idea, and continually changing my password. None of the posts that talk about bin commands explain how to do it on a mac, and where to put what info. Those posts all assume a lot of knowledge. Someplace I read that later versions of Mailman show both the email and name from the easy "view subscriber list" location -- is that true, and how does one upgrade? I did read your page on "How do I get a list of subscribers to my mailman list?", and didn't find an answer I am happy with.

Change History (8)

comment:1 Changed 16 months ago by https://id.mayfirst.org/jaimev

  • Keywords mailman added
  • Owner set to https://id.mayfirst.org/jaimev
  • Status changed from new to assigned

Hi,

There is another very easy way for you to receive that list directly from mailman. Try sending an e-mail from the same address that is listed as the list administrator for your list to listname-request@lists.mayfirst.org , example: peoplesvoicecafe-request@…

Include the subject "help" without quotes and only the following in the body of your message.

who <listpassword>

Replace <listpassword> with your actual admin password for the list. Mailman will send the list of subscribers back to you by e-mail. I believe it includes the full subscriber names as well.

https://wiki.list.org/DOC/How%20do%20I%20extract%20%28export%29%20a%20list%20of%20my%20list's%20members%20%28subscribers%29%3F

comment:2 Changed 16 months ago by https://id.mayfirst.org/peoplesvoice

I did try that and it worked, after a number of tries to get the from and password right -- there are a bunch of them and I didn't know which was which, but I will for the future.

I wish there was a way where I didn't have to change my password afterwards.

Thank you!

comment:3 Changed 16 months ago by https://id.mayfirst.org/peoplesvoice

Also, the other thing I got wrong at first was that I put the password inside those brackets, and you're not supposed to. It's just: who password

What confused me about the passwords was that there is a password for the administrative panel, and a different one to get onto the list, so I didn't know which one was "admin password for the list." Finally got the correct password in the right format at the same time as the correct "from," which was also confusing, because there's my personal membership, and a few that send posts to the list and moderate it, and they have various passwords.

Thanks again!

comment:4 Changed 16 months ago by https://id.mayfirst.org/peoplesvoice

So to try to summarize in a very basic way, for other people with this problem, trying to think of everything that can go wrong. This is not too different from what you said above:

Send an email FROM: The administrator email address that is used to moderate the list and send out posts.

Address that email TO: listname-request at lists.mayfirst.org

Example: peoplesvoicecafe-request@…

(The program that creates tickets seems to take off the mayfirst address if I type in the actual real "at" sign, but put it in when you write your email.)

SUBJECT line:

Help

BODY of email:

Just the word Who and then the password that lets you sign onto the list to moderate

Who (password) -- but leave off any brackets

Example: Who XxxYyyZzz

comment:5 Changed 16 months ago by https://id.mayfirst.org/peoplesvoice

And I have read in various places that if you use this method, you should then change your list password (the administrator password).

comment:6 follow-up: Changed 16 months ago by https://id.mayfirst.org/jaimev

Hi, sorry about the confusion. That style of including text to be replaces in brackets is sometimes used in our technical documentation but I can see how that isn't always clear for everyone. I'm going to add your version of the summary to our documentation.

I won't say that the recommendation to change the admin password is incorrect, that is probably good advice under unknown conditions, but I will add the following considerations:

  1. If you are using a May First e-mail account to administrate your list and you are not forwarding this e-mail address to a third party service, then you can be sure that your mail stays within our network. If you subsequently delete this mail from your sent mail folders it will be deleted from our servers, as opposed to commercial providers like gmail that actually never really delete anything ever.
  1. If you are sure you are using STARTTLS or TLS to connect to the mail.mayfirst.org SMTP server or directly using our webmail interface at https://roundcube.mayfirst.org then your mail will be encrypted in transit using TLS encryption. This provides a reasonable level of transport security so that it should not be possible to capture a plain text copy of your e-mail in transit to our servers.

Granted, there are valid critiques of the TLS certificate system and it may not be enough to protect your e-mail from a targeted man in the middle attack on your person by a well funded adversary, but keep in mind this is the same system that protects your password access to almost all online internet services, shopping and banking sites, so it is the current standard.

If the content of your e-mail list requires a higher level of security than TLS encryption can offer then even logging in vía the mailman web interface may not be enough protection and we should discuss alternatives that implement end to end encryption for all subscribers.

Otherwise I think if both 1 and 2 above are true then it is reasonably safe to use your mailman admin password this way.

comment:7 in reply to: ↑ 6 Changed 16 months ago by https://id.mayfirst.org/jaimev

  • Cc https://id.mayfirst.org/jamie https://id.mayfirst.org/dkg added

Before I edit the text of https://support.mayfirst.org/wiki/mailman_subscriber_list#Alternateoption , I will copy both jamie and dkg here. If either of you have a chance I'd like your opinion of my comments about the security of using the e-mail based mailman commands.

Replying to https://id.mayfirst.org/jaimev:

I won't say that the recommendation to change the admin password is incorrect, that is probably good advice under unknown conditions, but I will add the following considerations:

  1. If you are using a May First e-mail account to administrate your list and you are not forwarding this e-mail address to a third party service, then you can be sure that your mail stays within our network. If you subsequently delete this mail from your sent mail folders it will be deleted from our servers, as opposed to commercial providers like gmail that actually never really delete anything ever.
  1. If you are sure you are using STARTTLS or TLS to connect to the mail.mayfirst.org SMTP server or directly using our webmail interface at https://roundcube.mayfirst.org then your mail will be encrypted in transit using TLS encryption. This provides a reasonable level of transport security so that it should not be possible to capture a plain text copy of your e-mail in transit to our servers.

Granted, there are valid critiques of the TLS certificate system and it may not be enough to protect your e-mail from a targeted man in the middle attack on your person by a well funded adversary, but keep in mind this is the same system that protects your password access to almost all online internet services, shopping and banking sites, so it is the current standard.

If the content of your e-mail list requires a higher level of security than TLS encryption can offer then even logging in vía the mailman web interface may not be enough protection and we should discuss alternatives that implement end to end encryption for all subscribers.

Otherwise I think if both 1 and 2 above are true then it is reasonably safe to use your mailman admin password this way.

comment:8 Changed 16 months ago by https://id.mayfirst.org/jamie

Those seem like useful additions to the documentation to me.

And, number 2 can be simplified: you cannot access your email from our servers without using either STARTTLS or TLS - that should be enforced.

Thanks for moving this forward!

Please login to add comments to this ticket.

Note: See TracTickets for help on using tickets.