[Mailman-Users] Disable member configuration options

Thu May 10 13:38:33 CEST 2007

Hi to all again and thanks for your postings.
I think I found a way round my problem with
mailman-2.1.9

I thougth it would be nice to share by solution with
any
one else wanting to use mailman in a confiuration
similar
to mine. Although as stated before mailman is not
designed to serve as a spam blocker for the lists on
your
domain I think it can somehow do this. This is the
problem I wanted to solve and the solution I came up
with:

The Problem.
------------

At my domain (mydomain.com), I had several mailing
lists implemented by the emebeded mechanism of the 
mail server program (/etc/aliases). A list called 
mylist (mylist at mydomain.com) had several mail acounts
where some of them where outside mydomain.

mylist: 
  user1 at mydomain.com
  user2 at mydomain.com
  outuser1 at otherdomain1.com
  outuser2 at otherdomain2.com

When mails were sent to the list my mail server
forwarded the messages to all the above members.
Considere now this scenario:
A spammer sends a spam mail to the list. The spam is
not blocked by my spam filter program and is forwarded
to the above members. In this case although my mail
server is not an open relay the a spammer was able to
send spam from my mail server to other domains. The
receiving otherdomain mail servers when they catch the
spam mail may ilform me that I send spam or in an
extreme case they could also record my mail server in
an RBL and block future messages originating from my
domain.

The Requirements
----------------
To avoid a situation like the above I want to host 
a mailing list where:

1. Anyone (member or not) can post to the list
2. Only list members can read the list's postings
3. List members can be from both mydomain and
otherdomain.
4. Messages are only forwarded to the mail-clients of
only the list members that belong to mydomain.

5.But the how members of otherdomain will be able to
read the postings in the list?

The Solution
------------
Use mailman. Create web based mailing lists where all
of the above requirements are met and where
otherdomain
list members can read the postings via the web
archive.

How-To
------
* Create the list mylist at mydomain.com
* Subscribe the users (req. 3)
* Make the list archives private (req. 2)
* Set the "Privacy Options"->"Sender Filters"->
generic_nonmember_action=Accept (req. 1)
* Enable the "membership management" -> "nomail"
option for all the otherdomain users.

That should do it. But as mailman is so configurable
for users otherdomain users can change the nomail
option from either the web or the e-mail interface. 

- Don't allow users to change their nomail option from

  the web interface:
As list admin go to "Edit the public HTML pages and
text files"->"User specific options page" find the
html
code that refers to mail delivery options and delete
it. Now when the user visits his conf. wont be able to
change the nomail option.

- But the user can also change this option via the  
email interface, so disable the e-mail interface for
this list.

Configure the auto-responder for the mylist-request
address:
Set  "Auto-responder"->autorespond_postings="yes"
Set 
"Auto-responder"->autorespond_requests="Yes,w/discard"

and add an appropriate text to the auto-response
message.

Thats it.

Sorry for the long message but I think this could be
usefull to some people and it adds extra value to
mailman as a more appropriate tool to host mailing
lists than embeded mail-server mechanisms.

Any suggestions, opinions arguments for the above
are welcome.

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 