[Mailman-Users] prevent address spoofs [dnk]
JC Dill
lists05 at equinephotoart.com
Fri Jan 27 01:09:30 CET 2006
Dustin Krysak wrote:
> Good day -- I am looking at using mailman for a list that will just
> have 1 -4 addresses that will be authorized to actually post to the
> list. I am also looking for a way to manage list members with a web
> interface as well as the usual subscription type functions. Now one
> of my main concerns is if someone actually spoofs one of the
> authorized email addresses. Does mailman have a good security measure
> for preventing that? That is without having to approve every post
> through a web interface?
One way to accomplish your goal is set-up your list as an announcement
list where every message must be approved before sending on to the
subscribers. Then you give the 4 individuals the moderator approval
password and they include that password in the headers or first line of
each post they make to the list. Mailman strips off the approval line
and then sends the message on to the list subscribers. If someone
forged one of these senders when sending to the list the message would
be held for approval because it didn't have the password.
See:
<http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq03.034.htp>
jc
More information about the Mailman-Users
mailing list