[Mailman-Users] Non-member posting to the list

[Mark Sapiro]

Tanstaafl wrote:
>
>Maybe an alternative would be an option that for every message posted to 
>the list, a confirmation email is sent to the members email address, 
>that they then have to click a link to 'approve' sending the message, 
>just like how subscribes/unsubscribes have to confirmed.


That's an interesting idea. Personally, if I enabled that feature on
any of my lists, I'd be taken out and shot, and I'd want to do the
same to anyone who did it on any list I'm a member of, but if people
want such a list configuration option, we could consider it for MM 3.


>Maybe this could even be extended with some kind of way of cahing the 
>source IP of approved messages, so when messages come in with the same 
>sender and from the same IP that has already been approved, those 
>messages go straight through without requiring confirmation?


That would help some. Sort of like greylisting with a twist, but I
think it would still be unacceptable to many list members.


[...]
>
>I also just noticed the option under the Privacy > Spam controls in the 
>GUI under 'Legacy anti-spam filters' where I can enter the listname 
>itself, to prevent anyone sending spoofed messages from the list to the 
>list.


Yes, and you could also use header_filter_rules for this, but you have
bigger problems if the list posting address is a member of the list,
so ordinary non_member actions should handle this.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan