diff --git a/examples/ezmlmwebrc.dist b/examples/ezmlmwebrc.dist
index 889243c..c55f70f 100644
--- a/examples/ezmlmwebrc.dist
+++ b/examples/ezmlmwebrc.dist
@@ -38,6 +38,16 @@ $LIST_DIR = "$HOME_DIR/lists";
 # defaults to "$LIST_DIR/webusers"
 #$WEBUSERS_FILE = "$LIST_DIR/webusers";
 
+# if no webusers file, grant list creation by default
+# 0 - don't grant creation if webusers file doesn't exist
+# 1 - grant creation if webusers file doesn't exist
+#$NO_WEBUSERS_CREATE = 1;
+
+# if no webusers file, grant access by default
+# 0 - don't grant access to all lists if webusers file doesn't exist
+# 1 - grant access to all lists if webusers file doesn't exist
+#$NO_WEBUSERS_ACCESSALL = 1;
+
 # Where are the language files
 # usually something like /usr/local/share/ezmlm-web/lang
 $LANGUAGE_DIR = "/usr/local/share/ezmlm-web/lang";
diff --git a/ezmlm-web.cgi b/ezmlm-web.cgi
index 0474ee3..41b669e 100755
--- a/ezmlm-web.cgi
+++ b/ezmlm-web.cgi
@@ -89,10 +89,11 @@ use vars qw[$HOME_DIR]; $HOME_DIR=$tmp[7];
 # some configuration settings
 use vars qw[$DEFAULT_OPTIONS $UNSAFE_RM $ALIAS_USER $LIST_DIR];
 use vars qw[$QMAIL_BASE $PRETTY_NAMES $DOTQMAIL_DIR];
-use vars qw[$FILE_UPLOAD $WEBUSERS_FILE $MAIL_DOMAIN $HTML_TITLE];
+use vars qw[$FILE_UPLOAD $MAIL_DOMAIN $HTML_TITLE];
 use vars qw[$TEMPLATE_DIR $LANGUAGE_DIR $HTML_LANGUAGE];
 use vars qw[$HTML_CSS_COMMON $HTML_CSS_COLOR];
 use vars qw[$MAIL_ADDRESS_PREFIX @HTML_LINKS];
+use vars qw[$WEBUSERS_FILE $NO_WEBUSERS_CREATE $NO_WEBUSERS_ACCESSALL];
 # default interface template (basic/normal/expert)
 use vars qw[$DEFAULT_INTERFACE_TYPE];
 # some settings for encrypted mailing lists
@@ -169,6 +170,12 @@ if (defined($opt_d)) {
 # then use former default value for compatibility
 $WEBUSERS_FILE = $LIST_DIR . '/webusers' unless (defined($WEBUSERS_FILE));
 
+# if no webusers file, grant list creation by defautlt
+$NO_WEBUSERS_CREATE = 1 unless defined($NO_WEBUSERS_CREATE);
+
+# if no webusers file, grant access to all lists by default
+$NO_WEBUSERS_ACCESSALL = 1 unless defined($NO_WEBUSERS_ACCESSALL);
+
 # check for non-default dotqmail directory
 $DOTQMAIL_DIR = $HOME_DIR unless defined($DOTQMAIL_DIR);
 
@@ -2330,7 +2337,7 @@ sub webauth {
 	my $listname = shift;
    
 	# Check if webusers file exists - if not, then access is granted
-	return (0==0) if (! -e "$WEBUSERS_FILE");
+	return ($NO_WEBUSERS_ACCESSALL) if (! -e "$WEBUSERS_FILE");
 
 	# if there was no user authentication, then everything is allowed
 	return (0==0) if (!defined($ENV{REMOTE_USER}) or ($ENV{REMOTE_USER} eq ''));
@@ -2376,7 +2383,7 @@ sub webauth_create_allowed {
 	return (0==0) if (!defined($ENV{REMOTE_USER}) || ($ENV{REMOTE_USER} eq ''));
 
 	# Check if webusers file exists - if not, then access is granted
-	return (0==0) if (! -e "$WEBUSERS_FILE");
+	return ($NO_WEBUSERS_CREATE) if (! -e "$WEBUSERS_FILE");
 
 	# Read create-permission from webusers file.
 	# the special listname "ALLOW_CREATE" controls, who is allowed to do it