diff --git a/playbooks/roles/mailman-site/templates/mailman_multihost.vhost.j2 b/playbooks/roles/mailman-site/templates/mailman_multihost.vhost.j2
index 60e2dd173f..2aef336120 100644
--- a/playbooks/roles/mailman-site/templates/mailman_multihost.vhost.j2
+++ b/playbooks/roles/mailman-site/templates/mailman_multihost.vhost.j2
@@ -9,61 +9,7 @@
 
 	CustomLog ${APACHE_LOG_DIR}/{{ mailman_site.listdomain }}-access.log combined
 
-	DocumentRoot /var/www
-
-RewriteEngine on
-# TODO(fungi): convert this vhost into a blanket redirect to HTTPS when ready
-RewriteRule ^/$ /cgi-bin/mailman/listinfo [R]
-RewriteCond %{HTTP_HOST} ^lists\.openstack\.org$ [nocase]
-RewriteRule /(cgi-bin/mailman/listinfo|pipermail)/(community|foundation|foundation-board|foundation-board-confidential|goldmembers|marketing|staff|summitsponsors)(/.*|$) %{REQUEST_SCHEME}://lists.openinfra.dev/$1/$2$3 [last,redirect=permanent]
-RewriteCond %{HTTP_HOST} ^lists\.openstack\.org$ [nocase]
-RewriteRule /(cgi-bin/mailman/listinfo|pipermail)/(edge-computing)(/.*|$) %{REQUEST_SCHEME}://lists.opendev.org/$1/$2$3 [last,redirect=permanent]
-
-# We can find mailman here:
-ScriptAlias /cgi-bin/mailman/ /usr/lib/cgi-bin/mailman/
-# And the public archives:
-Alias /pipermail/ /srv/mailman/{{ mailman_site.name }}/archives/public/
-# Logos:
-Alias /images/mailman/ /usr/share/images/mailman/
-
-# Use this if you don't want the "cgi-bin" component in your URL:
-# In case you want to access mailman through a shorter URL you should enable
-# this:
-#ScriptAlias /mailman/ /usr/lib/cgi-bin/mailman/
-# In this case you need to set the DEFAULT_URL_PATTERN in
-# /etc/mailman/mm_cfg.py to http://%s/mailman/ for the cookie
-# authentication code to work.  Note that you need to change the base
-# URL for all the already-created lists as well.
-
-<Directory /usr/lib/cgi-bin/mailman/>
-    AllowOverride None
-    Options ExecCGI
-    AddHandler cgi-script .cgi
-    SetEnv HOST {{ mailman_site.listdomain }}
-    Order allow,deny
-    Allow from all
-    <IfVersion >= 2.4>
-        Require all granted
-    </IfVersion>
-</Directory>
-<Directory /srv/mailman/{{ mailman_site.name }}/archives/public/>
-    Options FollowSymlinks
-    AllowOverride None
-    Order allow,deny
-    Allow from all
-    <IfVersion >= 2.4>
-        Require all granted
-    </IfVersion>
-</Directory>
-<Directory /usr/share/images/mailman/>
-    AllowOverride None
-    Order allow,deny
-    Allow from all
-    <IfVersion >= 2.4>
-        Require all granted
-    </IfVersion>
-</Directory>
-
+	RedirectPermanent / https://{{ mailman_site.listdomain }}/
 </VirtualHost>
 
 <VirtualHost *:443>
diff --git a/playbooks/roles/mailman-site/templates/mm_site_cfg.py.j2 b/playbooks/roles/mailman-site/templates/mm_site_cfg.py.j2
index 74cdb8dc7b..3f00829d3e 100644
--- a/playbooks/roles/mailman-site/templates/mm_site_cfg.py.j2
+++ b/playbooks/roles/mailman-site/templates/mm_site_cfg.py.j2
@@ -57,7 +57,7 @@ MAILMAN_SITE_LIST = 'mailman'
 #-------------------------------------------------------------
 # If you change these, you have to configure your http server
 # accordingly (Alias and ScriptAlias directives in most httpds)
-DEFAULT_URL_PATTERN = 'http://%s/cgi-bin/mailman/'
+DEFAULT_URL_PATTERN = 'https://%s/cgi-bin/mailman/'
 PRIVATE_ARCHIVE_URL = '/cgi-bin/mailman/private'
 IMAGE_LOGOS         = '/images/mailman/'
 
diff --git a/playbooks/roles/mailman/templates/mailman.vhost.j2 b/playbooks/roles/mailman/templates/mailman.vhost.j2
index 5ef04c0328..5de22fa031 100644
--- a/playbooks/roles/mailman/templates/mailman.vhost.j2
+++ b/playbooks/roles/mailman/templates/mailman.vhost.j2
@@ -9,56 +9,7 @@
 
 	CustomLog ${APACHE_LOG_DIR}/{{ mailman_listdomain }}-access.log combined
 
-	DocumentRoot /var/www
-
-RewriteEngine on
-# TODO(fungi): convert this vhost into a blanket redirect to HTTPS when ready
-RewriteRule ^/$ /cgi-bin/mailman/listinfo [R]
-
-# We can find mailman here:
-ScriptAlias /cgi-bin/mailman/ /usr/lib/cgi-bin/mailman/
-# And the public archives:
-Alias /pipermail/ /var/lib/mailman/archives/public/
-# Logos:
-Alias /images/mailman/ /usr/share/images/mailman/
-
-# Use this if you don't want the "cgi-bin" component in your URL:
-# In case you want to access mailman through a shorter URL you should enable
-# this:
-#ScriptAlias /mailman/ /usr/lib/cgi-bin/mailman/
-# In this case you need to set the DEFAULT_URL_PATTERN in
-# /etc/mailman/mm_cfg.py to http://%s/mailman/ for the cookie
-# authentication code to work.  Note that you need to change the base
-# URL for all the already-created lists as well.
-
-<Directory /usr/lib/cgi-bin/mailman/>
-    AllowOverride None
-    Options ExecCGI
-    AddHandler cgi-script .cgi
-    Order allow,deny
-    Allow from all
-    <IfVersion >= 2.4>
-        Require all granted
-    </IfVersion>
-</Directory>
-<Directory /var/lib/mailman/archives/public/>
-    Options FollowSymlinks
-    AllowOverride None
-    Order allow,deny
-    Allow from all
-    <IfVersion >= 2.4>
-        Require all granted
-    </IfVersion>
-</Directory>
-<Directory /usr/share/images/mailman/>
-    AllowOverride None
-    Order allow,deny
-    Allow from all
-    <IfVersion >= 2.4>
-        Require all granted
-    </IfVersion>
-</Directory>
-
+	RedirectPermanent / https://{{ mailman_listdomain }}/
 </VirtualHost>
 
 <VirtualHost *:443>
diff --git a/playbooks/roles/mailman/templates/mm_cfg.py.j2 b/playbooks/roles/mailman/templates/mm_cfg.py.j2
index 1a8516109f..c165432728 100644
--- a/playbooks/roles/mailman/templates/mm_cfg.py.j2
+++ b/playbooks/roles/mailman/templates/mm_cfg.py.j2
@@ -57,7 +57,7 @@ MAILMAN_SITE_LIST = 'mailman'
 #-------------------------------------------------------------
 # If you change these, you have to configure your http server
 # accordingly (Alias and ScriptAlias directives in most httpds)
-DEFAULT_URL_PATTERN = 'http://%s/cgi-bin/mailman/'
+DEFAULT_URL_PATTERN = 'https://%s/cgi-bin/mailman/'
 PRIVATE_ARCHIVE_URL = '/cgi-bin/mailman/private'
 IMAGE_LOGOS         = '/images/mailman/'
 
diff --git a/testinfra/test_lists_k_i.py b/testinfra/test_lists_k_i.py
index a56b76d3cd..8768c9ea3a 100644
--- a/testinfra/test_lists_k_i.py
+++ b/testinfra/test_lists_k_i.py
@@ -17,11 +17,15 @@ def test_mm_list_is_present(host):
     assert 'kata-dev' in cmd.stdout
 
 def test_mm_list_site(host):
-    cmd = host.run('curl '
-                   '--resolve lists.katacontainers.io:80:127.0.0.1 '
-                   'http://lists.katacontainers.io/cgi-bin/mailman/listinfo')
-    assert '<TITLE>lists.katacontainers.io Mailing Lists</TITLE>' in cmd.stdout
     cmd = host.run('curl --insecure '
                    '--resolve lists.katacontainers.io:443:127.0.0.1 '
                    'https://lists.katacontainers.io/cgi-bin/mailman/listinfo')
     assert '<TITLE>lists.katacontainers.io Mailing Lists</TITLE>' in cmd.stdout
+
+def test_mm_list_site_redirect_http(host):
+    cmd = host.run('curl '
+                   '--resolve lists.katacontainers.io:80:127.0.0.1 '
+                   'http://lists.katacontainers.io/cgi-bin/mailman/listinfo')
+    assert ('The document has moved <a href="'
+            'https://lists.katacontainers.io/cgi-bin/mailman/listinfo'
+            '">here</a>') in cmd.stdout
diff --git a/testinfra/test_lists_o_o.py b/testinfra/test_lists_o_o.py
index df2f6ebe4a..b7a8ccee42 100644
--- a/testinfra/test_lists_o_o.py
+++ b/testinfra/test_lists_o_o.py
@@ -32,82 +32,83 @@ def test_mm_list_is_present(host):
     assert 'zuul-discuss' in cmd.stdout
 
 def test_mm_list_site(host):
-    cmd = host.run('curl '
-                   '--resolve lists.airshipit.org:80:127.0.0.1 '
-                   'http://lists.airshipit.org/cgi-bin/mailman/listinfo')
-    assert '<TITLE>lists.airshipit.org Mailing Lists</TITLE>' in cmd.stdout
     cmd = host.run('curl --insecure '
                    '--resolve lists.airshipit.org:443:127.0.0.1 '
                    'https://lists.airshipit.org/cgi-bin/mailman/listinfo')
     assert '<TITLE>lists.airshipit.org Mailing Lists</TITLE>' in cmd.stdout
-    cmd = host.run('curl '
-                   '--resolve lists.opendev.org:80:127.0.0.1 '
-                   'http://lists.opendev.org/cgi-bin/mailman/listinfo')
-    assert '<TITLE>lists.opendev.org Mailing Lists</TITLE>' in cmd.stdout
     cmd = host.run('curl --insecure '
                    '--resolve lists.opendev.org:443:127.0.0.1 '
                    'https://lists.opendev.org/cgi-bin/mailman/listinfo')
     assert '<TITLE>lists.opendev.org Mailing Lists</TITLE>' in cmd.stdout
-    cmd = host.run('curl '
-                   '--resolve lists.openinfra.dev:80:127.0.0.1 '
-                   'http://lists.openinfra.dev/cgi-bin/mailman/listinfo')
-    assert '<TITLE>lists.openinfra.dev Mailing Lists</TITLE>' in cmd.stdout
     cmd = host.run('curl --insecure '
                    '--resolve lists.openinfra.dev:443:127.0.0.1 '
                    'https://lists.openinfra.dev/cgi-bin/mailman/listinfo')
     assert '<TITLE>lists.openinfra.dev Mailing Lists</TITLE>' in cmd.stdout
-    cmd = host.run('curl '
-                   '--resolve lists.openstack.org:80:127.0.0.1 '
-                   'http://lists.openstack.org/cgi-bin/mailman/listinfo')
-    assert '<TITLE>lists.openstack.org Mailing Lists</TITLE>' in cmd.stdout
     cmd = host.run('curl --insecure '
                    '--resolve lists.openstack.org:443:127.0.0.1 '
                    'https://lists.openstack.org/cgi-bin/mailman/listinfo')
     assert '<TITLE>lists.openstack.org Mailing Lists</TITLE>' in cmd.stdout
-    cmd = host.run('curl '
-                   '--resolve lists.starlingx.io:80:127.0.0.1 '
-                   'http://lists.starlingx.io/cgi-bin/mailman/listinfo')
-    assert '<TITLE>lists.starlingx.io Mailing Lists</TITLE>' in cmd.stdout
     cmd = host.run('curl --insecure '
                    '--resolve lists.starlingx.io:443:127.0.0.1 '
                    'https://lists.starlingx.io/cgi-bin/mailman/listinfo')
     assert '<TITLE>lists.starlingx.io Mailing Lists</TITLE>' in cmd.stdout
-    cmd = host.run('curl '
-                   '--resolve lists.zuul-ci.org:80:127.0.0.1 '
-                   'http://lists.zuul-ci.org/cgi-bin/mailman/listinfo')
-    assert '<TITLE>lists.zuul-ci.org Mailing Lists</TITLE>' in cmd.stdout
     cmd = host.run('curl --insecure '
                    '--resolve lists.zuul-ci.org:443:127.0.0.1 '
                    'https://lists.zuul-ci.org/cgi-bin/mailman/listinfo')
     assert '<TITLE>lists.zuul-ci.org Mailing Lists</TITLE>' in cmd.stdout
 
-def test_mm_list_site_redirect_listinfo_http(host):
+def test_mm_list_site_redirect_http(host):
+    cmd = host.run('curl '
+                   '--resolve lists.airshipit.org:80:127.0.0.1 '
+                   'http://lists.airshipit.org/cgi-bin/mailman/listinfo')
+    assert ('The document has moved <a href="'
+            'https://lists.airshipit.org/cgi-bin/mailman/listinfo'
+            '">here</a>') in cmd.stdout
+    cmd = host.run('curl '
+                   '--resolve lists.opendev.org:80:127.0.0.1 '
+                   'http://lists.opendev.org/cgi-bin/mailman/listinfo')
+    assert ('The document has moved <a href="'
+            'https://lists.opendev.org/cgi-bin/mailman/listinfo'
+            '">here</a>') in cmd.stdout
+    cmd = host.run('curl '
+                   '--resolve lists.openinfra.dev:80:127.0.0.1 '
+                   'http://lists.openinfra.dev/cgi-bin/mailman/listinfo')
+    assert ('The document has moved <a href="'
+            'https://lists.openinfra.dev/cgi-bin/mailman/listinfo'
+            '">here</a>') in cmd.stdout
     cmd = host.run('curl '
                    '--resolve lists.openstack.org:80:127.0.0.1 '
-                   'http://lists.openstack.org/cgi-bin/mailman/listinfo/staff')
+                   'http://lists.openstack.org/cgi-bin/mailman/listinfo')
     assert ('The document has moved <a href="'
-            'http://lists.openinfra.dev/cgi-bin/mailman/listinfo/staff'
+            'https://lists.openstack.org/cgi-bin/mailman/listinfo'
             '">here</a>') in cmd.stdout
-    cmd = host.run('curl --location '
-                   '--resolve lists.openinfra.dev:80:127.0.0.1 '
-                   '--resolve lists.openstack.org:80:127.0.0.1 '
-                   'http://lists.openstack.org/cgi-bin/mailman/listinfo/staff')
+    cmd = host.run('curl '
+                   '--resolve lists.starlingx.io:80:127.0.0.1 '
+                   'http://lists.starlingx.io/cgi-bin/mailman/listinfo')
+    assert ('The document has moved <a href="'
+            'https://lists.starlingx.io/cgi-bin/mailman/listinfo'
+            '">here</a>') in cmd.stdout
+    cmd = host.run('curl '
+                   '--resolve lists.zuul-ci.org:80:127.0.0.1 '
+                   'http://lists.zuul-ci.org/cgi-bin/mailman/listinfo')
+    assert ('The document has moved <a href="'
+            'https://lists.zuul-ci.org/cgi-bin/mailman/listinfo'
+            '">here</a>') in cmd.stdout
+
+def test_mm_list_site_redirect_listinfo(host):
+    cmd = host.run('curl --insecure '
+                   '--resolve lists.openstack.org:443:127.0.0.1 '
+                   'https://lists.openstack.org/cgi-bin/mailman/listinfo/staff')
+    assert ('The document has moved <a href="'
+            'https://lists.openinfra.dev/cgi-bin/mailman/listinfo/staff'
+            '">here</a>') in cmd.stdout
+    cmd = host.run('curl --insecure --location '
+                   '--resolve lists.openinfra.dev:443:127.0.0.1 '
+                   '--resolve lists.openstack.org:443:127.0.0.1 '
+                   'https://lists.openstack.org/cgi-bin/mailman/listinfo/staff')
     assert '<TITLE>Staff Info Page</TITLE>' in cmd.stdout
 
-def test_mm_list_site_redirect_archives_http(host):
-    cmd = host.run('curl '
-                   '--resolve lists.openstack.org:80:127.0.0.1 '
-                   'http://lists.openstack.org/pipermail/staff/')
-    assert ('The document has moved <a href="'
-            'http://lists.openinfra.dev/pipermail/staff/'
-            '">here</a>') in cmd.stdout
-    cmd = host.run('curl --location '
-                   '--resolve lists.openinfra.dev:80:127.0.0.1 '
-                   '--resolve lists.openstack.org:80:127.0.0.1 '
-                   'http://lists.openstack.org/pipermail/staff/')
-    assert '<h1>The Staff Archives </h1>' in cmd.stdout
-
-def test_mm_list_site_redirect_archives_https(host):
+def test_mm_list_site_redirect_archives(host):
     cmd = host.run('curl --insecure '
                    '--resolve lists.openstack.org:443:127.0.0.1 '
                    'https://lists.openstack.org/pipermail/staff/')