[Mailman-Users] Hello List

[Geoff Shang]

Hi,

You're right in that I did forget the Approved: approach, as I didn't iknow 
about it until recently.

Howver, thinking about it further, there's one thing I don't like about it. 
It's OK if the people posting are list admins or moderators, but if you have 
othwers who should be able to post to the list, you don't necessarily want 
to give them all the admin or moderator password.  An additional password 
for this purpose would perhaps be called for here, one that's only used to 
allow posts through without granting any other access.

Geoff.


----- Original Message ----- 
From: "Mark Sapiro" <mark at msapiro.net>
To: "Geoff Shang" <geoff at QuiteLikely.com>; <Mailman-Users at python.org>
Sent: Wednesday, 16 December, 2009 8:22 PM
Subject: Re: [Mailman-Users] Hello List


Geoff Shang wrote:
>
>And of course unmoderate the list admin and anyone else you want to be
>able to post.


This is not good advice. Everyone should be moderated and posters
should use an Approved: <password> header to post. Otherwise, it's too
easy for an unauthorized poster to spoof an authorized address.
Spammers even do it accidently.


>You should also probably set the list to reject posts from moderated
>members, otherwise you'll need to manually process posts from anyone who
>tries to post.


Yes. This is all covered in the FAQ at <http://wiki.list.org/x/3YA9>.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan



__________ Information from ESET NOD32 Antivirus, version of virus signature 
database 4699 (20091218) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com




__________ Information from ESET NOD32 Antivirus, version of virus signature database 4699 (20091218) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com