[Mailman-Users] security on an announce-only list
Jeroen Valcke
jeroen.valcke at belnet.be
Mon Jun 16 11:57:29 CEST 2003
To answer my own question.
There's an entry in the FAQ on this.
http://www.python.org/cgi-bin/faqw-mm.py?req=all#3.11
Best thing to do is use the approve header or an approve line in the
msg.
However I would like to know if a seperate moderation would be possible.
Or alternatively restrict the address that can post to the list (even
with the approve passwd)
There are some methods in this faq entry but none seem to combine
approved passwd and address check.
-Jeroen-
On Mon, Jun 16, 2003 at 10:31:23AM +0200, Jeroen Valcke wrote:
> I created an announce-only list. To do this in 'Privacy section' I set
> the moderation on, the poster receives a rejection notice which explains
> that this is an announce-only list.
>
> In 'membership management' I disabled moderation for people who should
> be able to send msgs to the list.
>
> There is however a potential problem with this approach. Suppose that
> the pc of one of these authorized posters gets infected with a virus.
> The virus could propagate on the list.
>
> Or somebody could pretend to be an authorized posters by spoofing the
> from address and the msg would be distributed on the list.
>
> I would like to activate an alternate moderation action for the members
> who are allowed to post to the list.
>
> However I don't immediately see a way to implement this. Any ideas? How
> are you handling this?
--
Jeroen Valcke
sst at belnet.be
jeroen.valcke at belnet.be
More information about the Mailman-Users
mailing list