[Mailman-Users] Mailman and Postfix Best practices to avoid fakesenders
Mark Sapiro
mark at msapiro.net
Tue Apr 6 15:58:44 CEST 2010
Dimitrios Karapiperis wrote:
>
>I am still investigating ways how to eliminate the danger on malicious
>postings on a moderated list (announce-only - newsletter) by
>forged sender or From addresses.
>
>Except from the moderation,
>are there any ways on the MTA side (postfix) asssting on this situation?
I don't know about the MTA side, but since this is an announce list, on
the Mailman side just moderate everyone and post using an Approved:
header. See the FAQ at <http://wiki.list.org/x/XIA9>.
The Approved: header contains either the list admin or list moderator
password and can also be the first line of the first text/plain part
of the message, however in the latter case, if the message is
multipart/alternative, removal of the Approved line from the fancy
text part is on a best effort basis and is not absolutely guaranteed,
so the true header is preferred.
Also see the FAQ at <http://wiki.list.org/x/3YA9> for more suggestions
about announcement lists.
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users
mailing list