MailMan - Make it configurable on a site basis, not server wide ( PCI-DSS Compliance )
Open Discussion
Please change the configuration of MAILMAN so that access can be controlled on a site basis rather than server wide basis.
We operate on a shared server where other users need to use MailMan. This means that we cannot pass PCI compliance as the only solution is to alter the configuration server wide (redirect to SSL or disable).
Currently, as I understand it, no shared server where some sites/users need to access MailMan (without SSL) can pass PCI-DSS complaince [world wide issue].
I like this idea 
cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.
Shared servers will rarely pass PCI compliance, it's also only going to be a hack/fake pass if you do manage to while having MailMan work on other accounts/IP's as the vulnerability/weakness still remains. If you need PCI compliance you should be running your applications on a private server.
Shared servers will rarely pass PCI compliance, it's also only going to be a hack/fake pass if you do manage to while having MailMan work on other accounts/IP's as the vulnerability/weakness still remains. If you need PCI compliance you should be running your applications on a private server.
Replies have been locked on this page!