[Mailman-Users] FW: No One Can Post a Message but the Server
Dragon
dragon at crimson-dragon.com
Tue Jul 18 03:40:46 CEST 2006
Greg Sims sent the message below at 06:32 PM 7/17/2006:
>Thanks Patrick!
>
>It appears this password is striped from the email header before it is sent
>out. This is important as the list password would be disclosed to everyone!
Yes, the Approved: line with the password gets stripped from the mail
if and ONLY if it meets one of two criteria.
1. It is the very first line in the body of the e-mail, there can be
no other lines before it.
2. It is used as a header (I think this is really the best approach
if you can do it, I am certain this can be done in Python, Perl and
PHP, not so sure, about a bash script).
>Should the <list password> be the administrator for the list? This is the
>way it is setup for the server early Tuesday morning. I hope it is correct.
I believe the moderator password will work too. I am sure somebody
will correct me if I am wrong. If so, you ought to use it because if
it somehow becomes disclosed accidentally, there is much less
potential for damage by malicious people than with the administrator password.
Dragon
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Venimus, Saltavimus, Bibimus (et naribus canium capti sumus)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
More information about the Mailman-Users
mailing list